D Diagent docs
/

WordPress & WooCommerce

Overview

Pitchbar ships a first-party WordPress & WooCommerce plugin that drops the streaming chat widget on every public page, syncs the site's content as a knowledge source, and (when WooCommerce is active) deeply integrates with the store โ€” product cards, coupon application, order lookup, lead mirroring, and abandoned-cart re-engagement.

The plugin lives in the Pitchbar monorepo at wp-plugin/pitchbar/ and ships as a versioned zip you can install from Plugins โ†’ Add New โ†’ Upload Plugin in any WordPress 6.4+ install on PHP 7.4+.

Install & connect
Upload the zip, paste your workspace base URL + API token, pick the agent the widget should run.
Content sync
How posts, pages, and Woo products flow from WordPress to your Pitchbar agent. Delta hooks, content hash, resumable sync.
Page builders
Elementor, Divi, Beaver, Oxygen, and Bricks pages are fully rendered before sync. Includes an override filter.
WooCommerce deep links
Logged-in shopper context, order lookup, coupon emission & apply, lead push, abandoned cart trigger.
REST API reference
Every endpoint on both sides of the wire โ€” Pitchbar's /api/v1/wp/* and the plugin's /wp-json/pitchbar/v1/*.
Troubleshooting
Sync stuck mid-run, widget invisible, theme conflicts, RTL mirroring, HMAC mismatches.

What this plugin does

  • Widget embed โ€” one asynchronous <script> tag injected into wp_footer on every public page, scoped to the post types you opt into. RTL-aware. Hidden on wp-admin, wp-login, AJAX, REST, XML-RPC, and cron requests.
  • Content sync โ€” bulk + delta ingest of posts, pages, custom post types, and WooCommerce products into a Pitchbar knowledge source. Resumable on shared hosting with a 30s exec cap.
  • Page-builder rendering โ€” Elementor, Divi, Beaver Builder, Oxygen, and Bricks pages are rendered via each builder's native API so their visible HTML actually reaches the RAG store (instead of empty post_content).
  • Shopper context โ€” a logged-in WooCommerce customer's wp_user_id + email_hash (never plaintext) are signed and forwarded to the chat session so the agent knows who's talking.
  • Order lookup โ€” the lookup_order tool calls back into /wp-json/pitchbar/v1/orders/lookup over HMAC-signed POST so the agent can answer "where's my order?" without exposing customer data.
  • Coupon emission & apply โ€” the agent renders <coupon/> cards in chat; the Apply button stages the code in a transient and applies it on the visitor's next cart load.
  • Lead mirroring โ€” every Pitchbar lead is pushed back into WordPress as a WC customer (or WP subscriber when Woo is absent) with conversation correlation in user meta.
  • Abandoned-cart trigger โ€” a tiny front-end script mirrors WC cart events into localStorage; the widget proactively engages when the cart sits idle past the configured threshold.

Compatibility matrix

ComponentTested range
WordPress6.4 โ†’ 6.6
PHP7.4 โ†’ 8.4
WooCommerce8.0 โ†’ 9.x (optional โ€” plugin core works without WC)
MultisiteSupported (per-site activation; each site connects to its own Pitchbar workspace)
Page buildersElementor (Free + Pro), Divi, Beaver Builder, Oxygen, Bricks
ThemeTheme-agnostic. Widget renders in a Shadow DOM isolated from theme CSS.
RTL localesYes (Arabic, Hebrew, Persian, Urdu, etc.). Widget mirrors via data-page-dir.

Distribute the plugin (super_admin)

Super-admins can produce an install-ready .zip of the plugin from inside the Pitchbar admin without ssh access. Open /admin/integrations/wordpress:

  1. Click Build latest. The server runs php artisan pitchbar:build-wp-plugin against the bundled wp-plugin/pitchbar/ source tree and writes a versioned archive to storage/app/private/wp-plugin-builds/pitchbar-{version}.zip.
  2. Click Download on the resulting row. The archive is streamed back with the correct Content-Disposition; it's roughly 45 KB and contains a top-level pitchbar/ directory.
  3. The archive excludes dev-only files (.DS_Store, node_modules/, tests/, .git*) so what your tenants upload is exactly what WordPress should install.

Headless alternative: php artisan pitchbar:build-wp-plugin works from the CLI and prints the resulting path. The optional --output flag overrides the destination directory.

Security model at a glance

The plugin and the Pitchbar server authenticate each other with two distinct credentials, in opposite directions:

  • Plugin โ†’ Pitchbar: bearer API token. Created in /settings/api-tokens, scope wp:integration. Pitchbar stores only the SHA-256 hash of the plaintext. The plugin keeps the plaintext in wp_options (treat as wp-config.php-level secret).
  • Pitchbar โ†’ Plugin: HMAC-SHA256 signature using the per-token shopper_signing_secret. The plugin receives this secret in the handshake response and stores it locally. Pitchbar uses it to sign every callback (order lookup, coupon apply, lead push) so the WordPress REST endpoints can verify the caller is Pitchbar without ever holding the bearer plaintext.
  • Replay protection: both directions enforce a 5-minute timestamp window on the HMAC signature.

See REST API reference for the exact signature scheme and verification code path.

Current release

Plugin version 2.0.4. Notable since v1.x:

2.0.x patch series

  • 2.0.4 โ€” Admin column width fix. On the WooCommerce Products list (and other crowded list tables) the “Pitchbar” column was rendering one letter per line because WP's auto-width algorithm starved it of pixels. Forced to 110px via an admin_head style block.
  • 2.0.3 โ€” “Indexed” admin badges + empty-body fallback. Posts, Pages, and Products lists now render a green “Indexed” pill, yellow “Out of date” pill, or gray “Not indexed” pill per row based on the sync timestamp + content hash the plugin stamps on every push. Featured-image-only / builder-stub posts whose the_content collapses to empty are synthesised from title + excerpt + taxonomy terms client-side so they always have indexable text.
  • 2.0.2 โ€” Empty-body posts + every product type. Pre-fix a post-sync batch died with posts.N.content_html field is required the first time any post had an empty body. Pre-fix the product syncer filtered to [simple, variable, grouped, external] which silently dropped subscriptions, bundles, memberships, bookings, and custom types. Both fixed; a fallback WP_Query covers hosts whose wc_get_products hook chain hides everything.
  • 2.0.1 โ€” Diagnostic Test connection. The generic “Connection failed” message is gone. The plugin now surfaces HTTP status, the URL it tried, the transport-level cURL / DNS code on network failure, and the first 800 chars of the upstream response body. A “Show details” toggle reveals the full diagnostic block. HTTP-status-aware hints (401 โ†’ reissue token, 403 โ†’ missing scope, 404 โ†’ not deployed, 5xx โ†’ server log).

2.0.0 โ€” major release

  • Page-builder content actually reaches the RAG store (was empty for Elementor/Bricks/Oxygen).
  • WooCommerce load-order race fixed โ€” the plugin's WC-dependent hooks now defer to woocommerce_loaded instead of trusting class_exists('WooCommerce') at plugins_loaded priority 10.
  • Sync is resumable across multiple WP-Cron ticks โ€” large catalogs no longer hit the 30s exec cap.
  • Coupon enumeration switched from wc_get_coupons() (not public API) to the shop_coupon CPT directly.
  • abandoned_cart rule kind exposed in the agent Behavior triggers admin.
  • RTL mirroring + admin background-sync notice.

See application changelog for the full release history.