ContentShelter
LoginSign Up

ContentShelter API Documentation

Secure content delivery API for your websites

Overview

The ContentShelter API allows you to securely fetch content from your ContentShelter account and display it on your websites. All requests must include an API key for authentication.

Authentication

API Key & Secret

Include both your API key and secret in request headers:

x-api-key: cs_live_abc123def456...
x-api-secret: cs_secret_xyz789uvw012...

Getting API Keys

  1. Log in to your ContentShelter dashboard
  2. Navigate to "API Keys" in dashboard
  3. Click "Create API Key"
  4. Configure permissions and rate limits
  5. Copy both API key and secret
  6. Each API key is website-specific for security

API Endpoints

Get Content List

GET /api/public/content/{contentType}/list

Parameters

  • contentType - Content type (blog_post, article, guide, news, faq)
  • limit - Number of items per page (default: 10)
  • page - Page number (default: 1)

Example Request

curl -X GET \
"https://contentshelter.com/api/public/content/blog_post/list?limit=5&page=1" \
-H "x-api-key: cs_live_abc123def456..." \
-H "x-api-secret: cs_secret_xyz789uvw012..."

Response

{
"success": true,
"posts": [
{
"_id": "64f8a1b2c3d4e5f6a7b8c9d0",
"title": "My Blog Post",
"slug": "my-blog-post",
"contentType": "blog_post",
"excerpt": "This is an excerpt...",
"featuredImage": "https://...",
"tags": ["tag1", "tag2"],
"category": { "name": "Tech", "slug": "tech" },
"author": { "name": "John Doe" },
"publishedAt": "2023-09-05T10:00:00.000Z",
"createdAt": "2023-09-05T09:00:00.000Z",
"updatedAt": "2023-09-05T10:00:00.000Z"
}
],
"pagination": {
"page": 1,
"limit": 5,
"total": 25,
"pages": 5
},
"websiteInfo": {
"websiteId": "64f8a1b2c3d4e5f6a7b8c9d0",
"apiKeyName": "My Website API",
"source": "API key specific website only"
},
"requestId": "abc123def456"
}

Get Single Content

GET /api/public/content/{contentType}/{slug}

Parameters

  • contentType - Content type
  • slug - Content slug

Example Request

curl -X GET \
"https://contentshelter.com/api/public/content/blog_post/my-blog-post" \
-H "x-api-key: cs_live_abc123def456..." \
-H "x-api-secret: cs_secret_xyz789uvw012..."

Response

{
"success": true,
"data": {
"id": "64f8a1b2c3d4e5f6a7b8c9d0",
"title": "My Blog Post",
"slug": "my-blog-post",
"contentType": "blog_post",
"content": "<p>Full content here...</p>",
"excerpt": "This is an excerpt...",
"featuredImage": "https://...",
"tags": ["tag1", "tag2"],
"category": { "name": "Tech", "slug": "tech" },
"author": { "name": "John Doe" },
"publishedAt": "2023-09-05T10:00:00.000Z",
"createdAt": "2023-09-05T09:00:00.000Z",
"updatedAt": "2023-09-05T10:00:00.000Z",
"websiteInfo": {
"websiteId": "64f8a1b2c3d4e5f6a7b8c9d0",
"apiKeyName": "My Website API",
"source": "API key specific website only"
}
}
}

WordPress Integration

ContentShelter API works seamlessly with WordPress websites. Here are multiple integration methods:

WordPress Plugin Method

Create a custom WordPress plugin for the most robust integration:

<?php
/*
* Plugin Name: ContentShelter Integration
* Description: Display ContentShelter content in WordPress
* Version: 1.0
*/
// Activation hook
register_activation_hook(__FILE__, 'contentshelter_activate');
function contentshelter_activate() {{}
add_option('contentshelter_api_key', '');
add_option('contentshelter_api_secret', '');
}
// Shortcode for easy use
add_shortcode('contentshelter_blogs', 'contentshelter_blogs_shortcode');
function contentshelter_blogs_shortcode($atts) {{}
$api_key = get_option('contentshelter_api_key');
$api_secret = get_option('contentshelter_api_secret');
$response = wp_remote_get(
"https://contentshelter.com/api/public/content/blog_post/list?limit=5",
array(
'headers' => array(
'x-api-key' => $api_key,
'x-api-secret' => $api_secret
)
)
);
$data = json_decode($response['body']);
$output = '';
foreach($data->posts as $post) {{}
$output .= '<div class="contentshelter-post">';
$output .= '<h3>' . esc_html($post->title) . '</h3>';
$output .= '<p>' . esc_html($post->excerpt) . '</p>';
$output .= '<a href="/blog/' . esc_attr($post->slug) . '">Read More</a>';
$output .= '</div>';
}
return $output;
}
?>

Theme Integration Method

Add directly to your WordPress theme's functions.php:

// In functions.php
function display_contentshelter_blogs() {{}
$api_key = get_option('contentshelter_api_key');
$api_secret = get_option('contentshelter_api_secret');
$response = wp_remote_get(
"https://contentshelter.com/api/public/content/blog_post/list",
array(
'headers' => array(
'x-api-key' => $api_key,
'x-api-secret' => $api_secret
)
)
);
$data = json_decode($response['body']);
foreach($data->posts as $post) {{}
echo '<div class="blog-post">';
echo '<h2>' . esc_html($post->title) . '</h2>';
echo '<p>' . esc_html($post->excerpt) . '</p>';
echo '<a href="/blog/' . esc_attr($post->slug) . '">Read More</a>';
echo '</div>';
}
}
// Use in template
// In your theme file: <?php echo display_contentshelter_blogs(); ?>

Gutenberg Block Method

Create a custom Gutenberg block for modern WordPress:

// block.js
import { useState, useEffect } from '@wordpress/element';
import { registerBlockType } from '@wordpress/blocks';
const ContentShelterBlock = () => {{}
const [posts, setPosts] = useState([]);
useEffect(() => {{}
fetch('/wp-json/contentshelter/v1/posts')
.then(response => response.json())
.then(data => setPosts(data.posts));
}, []);
return (
<div className="contentshelter-block">
{posts.map(post => (
<div key={post.id} className="post-item">
<h3>{post.title}</h3>
<p>{post.excerpt}</p>
<a href={`/blog/${post.slug}`}>Read More</a>
</div>
))}
</div>
);
};
registerBlockType('contentshelter/blogs', {{}
title: 'ContentShelter Blogs',
icon: 'dashicons-list-view',
category: 'widgets',
edit: ContentShelterBlock,
save: () => null
});

Usage in WordPress

Shortcode Method

<!-- In any WordPress page/post -->
[contentshelter_blogs limit="5" category="tech"]

PHP Template Method

<!-- In your theme template file -->
<?php echo do_shortcode('[contentshelter_blogs]'); ?>

Gutenberg Editor

<!-- In WordPress block editor -->
<!-- Add "ContentShelter Blogs" block -->

WordPress REST API Bridge

Create a WordPress REST endpoint to bridge ContentShelter:

// In your WordPress plugin
add_action('rest_api_init', function () {{}
register_rest_route('contentshelter/v1', '/posts', array(
'methods' => 'GET',
'callback' => 'get_contentshelter_posts',
'permission_callback' => '__return_true'
));
});
function get_contentshelter_posts($request) {{}
$api_key = get_option('contentshelter_api_key');
$api_secret = get_option('contentshelter_api_secret');
$response = wp_remote_get(
"https://contentshelter.com/api/public/content/blog_post/list",
array(
'headers' => array(
'x-api-key' => $api_key,
'x-api-secret' => $api_secret
)
)
);
$data = json_decode($response['body']);
return new WP_REST_Response($data, 200);
}

WordPress Integration Benefits

  • Easy Setup: Plugin installation or theme integration
  • Native Feel: Content appears as regular WordPress posts
  • SEO Friendly: Content indexed by search engines
  • Theme Compatible: Works with any WordPress theme
  • Performance: Cached content for fast loading
  • Admin Control: Manage from WordPress dashboard
  • Multi-site Ready: Use across WordPress networks

JavaScript Embed

Use our JavaScript embed script to easily display content on your website:

<!-- Add this to your HTML head or before closing body tag -->
<script src="https://contentshelter.com/embed.js?apikey=cs_live_abc123def456..."></script>
<div id="contentshelter-container"></div>

Features

  • Automatic content loading and display
  • Responsive design
  • Modal popup for full articles
  • Automatic API key extraction from script URL
  • Error handling and loading states

Rate Limiting

API requests are rate-limited to prevent abuse. Each API key has configurable limits:

  • Default limit: 1,000 requests per hour
  • Rate limit headers are included in responses
  • Exceeding limits returns HTTP 429 status
  • Configure limits in your API key settings

Rate Limit Headers

X-RateLimit-Limit: 1000
X-RateLimit-Remaining: 999
X-RateLimit-Reset: 1693920000

Error Handling

401 Unauthorized

Missing or invalid API key

403 Forbidden

Insufficient permissions or origin not allowed

404 Not Found

Content not found

429 Too Many Requests

Rate limit exceeded

500 Internal Server Error

Server error occurred

Security

Security Features

  • Dual authentication (API key + secret) required for all requests
  • Website-specific content isolation for security
  • Only published content is accessible via API
  • Origin validation for API keys
  • HTTPS-only API endpoints
  • Rate limiting to prevent abuse
  • CORS headers for cross-origin requests
  • Request logging and monitoring
  • API key deactivation and management

Website Isolation

Each API key is bound to a specific website for maximum security:

  • API keys only return content from their assigned website
  • Cross-website data access is blocked by default
  • Website ID is included in all responses for verification
  • API key names help identify integration sources