In the last column I threw a little hissy fit around the authentication options for working with the WordPress REST API. In it, I made noises about the adoption of OAuth 2.0 over version 1.0a and further grumbled about the backwards incompatibility (not to mention some of the politics around the changes) between the two versions. All of this piqued the interest of my editor who asked me to write some more on the topic. I’m still not thrilled about the OAuth situation, but I thought I would try to redeem myself by providing a column around the subject based on an actual piece of code that had to authenticate using OAuth2. This still won’t address the OAuth 1.0a questions, but perhaps future columns will drag me kicking and screaming in that direction as well. One brief aside about version 1.0a because I need to make a slight correction: in the previous column I had suggested that 2.0 had all but supplanted 1.0a in the world. I’ve recently been discovering a few pockets of 1.0a (for example, Twitter’s API, probably for historical reasons, seems to consist of this strange mishmash of the two), so I don’t think 1.0a can be considered dead quite yet. Maybe we’ll make with the Twitter in a future column.
