Backend API (REST)
The AI‑Kit AWS backend exposes “Chrome Built‑in AI parity” endpoints under /admin/* and /frontend/*, plus helpers for Knowledge Base listings and presigned uploads.
Deployment details, parameter descriptions, and setup notes live in the public Serverless Application Repository readme: wpsuite-ai-kit on AWS SAR.
Authentication
Authentication is controlled entirely by the SAR parameters you choose while deploying the application (see the public README linked above):
AdminApiAuthModeFrontendApiAuthMode
Each can be set to NONE, IAM, or COGNITO. The value you choose determines how requests to /admin/* or /frontend/* endpoints must be authenticated. When NONE, you typically pair it with reCAPTCHA or WAF (firewall) via the SAR configuration.
Frontend endpoints may additionally require an X-Recaptcha-Token header if reCAPTCHA protection is enabled.
How the WordPress plugin uses the backend
- The AI-Kit blocks, chatbot, and JavaScript APIs automatically call the backend according to the settings you configure on the AI-Kit Settings admin screen.
- When reCAPTCHA is enabled for frontend traffic, the plugin requests tokens client-side so requests include the expected
X-Recaptcha-Tokenheader. - If you integrate Gatey as a transport and configure a matching
apiNamein Gatey Settings → API Settings, IAM/Cognito-protected deployments can exchange and refresh tokens seamlessly after the user signs into WordPress via Gatey. - Without Gatey wiring, you can still call the backend directly from your own code (for example with
fetch) against the public endpoint, using whatever auth mode you configured, or opting into network-level controls like firewalls/allow-lists. - Use this document when you want to build custom flows or external tools on top of the deployed backend rather than the built-in plugin features.
Endpoints
Endpoints are split into admin (WordPress dashboard) and frontend (public UI) prefixes. Both sets accept application/json unless noted otherwise.
Admin endpoints (/admin/*)
| Path | Method | Purpose |
|---|---|---|
/admin/knowledge-bases | GET | List Bedrock Knowledge Bases available for RAG integration |
/admin/prompt | POST | General prompt API parity (used by SEO flows) |
/admin/generate-upload-url | GET | Presigned S3 upload URLs for multimodal prompts |
/admin/summarize | POST | Summarizer backend fallback |
/admin/write | POST | Writer backend fallback (KB enabled by default) |
/admin/rewrite | POST | Rewriter backend fallback |
/admin/translate | POST | Translator backend fallback |
/admin/proofread | POST | Proofreader backend fallback |
/admin/detect-language | POST | Language detector backend fallback |
Frontend endpoints (/frontend/*)
These are feature-gated by SAR parameters (EnableSummarizerBackend, EnableChatbotBackend, EnableLanguageAIBackend). When enabled they mirror the admin routes and may require X-Recaptcha-Token.
| Path | Method | Notes |
|---|---|---|
/frontend/prompt | POST | Used by the chatbot's sendChatMessage and sendFeedbackMessage |
/frontend/generate-upload-url | GET | Presigned uploads for public chatbot |
/frontend/summarize | POST | Same payload as admin summarizer |
/frontend/write | POST | Same payload as admin writer |
/frontend/rewrite | POST | Same payload as admin rewriter |
/frontend/translate | POST | Same payload as admin translator |
/frontend/proofread | POST | Same payload as admin proofreader |
/frontend/detect-language | POST | Same payload as admin language detector |
Sample payloads
// /admin/prompt (or /frontend/prompt)
{
"messages": [
{ "role": "system", "content": "You are a helpful assistant." },
{ "role": "user", "content": "Extract a title and 5 bullet points from the text below..." }
],
"saveChatSession": false
}
// /admin/write
{
"text": "Write a short product description...",
"tone": "professional",
"format": "markdown",
"length": "short",
"outputLanguage": "en"
}
// /admin/translate (source language required)
{
"text": "Hello world",
"sourceLanguage": "en",
"targetLanguage": "hu"
}
// /admin/language-detector
{
"text": "Szia! Hogy vagy?"
}
// /admin/proofread
{
"text": "I has a apple.",
"expectedInputLanguages": ["en"]
}
Error responses
Errors return an ErrorResponse shape (status code, message, and optional details). Common causes:
- payload too large (image uploads, large prompts)
- invalid enum values (for example missing
sourceLanguagefor translator) - missing credentials / rejected by IAM, Cognito, WAF, or reCAPTCHA