Tag: Claude

WordPress has a fully functional REST API built in. Most people never use it because they don’t know it’s there. For publishers, content operations teams, and anyone running Claude-powered content workflows, the REST API is the infrastructure that eliminates manual publishing and enables automation at scale. Here’s how it works and how to wire Claude to it.

What the WordPress REST API Can Do

The REST API exposes every major WordPress function over HTTP: create posts, update posts, get posts, manage categories and tags, upload media, manage users. Every action you can take in the WordPress admin can be done via API call. No plugin required — it’s built into WordPress core since version 4.7.

Authentication: Application Passwords

The simplest authentication method for Claude-to-WordPress connections is WordPress Application Passwords — a built-in feature (WordPress 5.6+) that generates a dedicated password for API access without exposing your main login credentials.

To generate one: WP Admin → Users → Your Profile → Application Passwords → enter a name → click Add New. Copy the generated password immediately — it’s only shown once. The format it gives you has spaces; remove them before using in API calls.

Authenticate using HTTP Basic Auth:

Publishing a Post via API

A complete post publish call:

The response returns the new post ID and URL. Log these — you need the post ID for any subsequent updates.

Wiring Claude Into the Pipeline

The standard Claude-to-WordPress pipeline: Claude generates the article content (with SEO optimization, schema markup, and FAQ sections baked in), a Python or Node.js script assembles the API payload, the payload POSTs to the WordPress REST endpoint, and the response confirms publication. For Cowork tasks, this runs on a schedule without human intervention.

The critical rule: Notion first, WordPress second. Every article goes to a Notion page before publishing to WordPress. Notion is the storage and version control layer; WordPress is the distribution layer. If you ever need to republish, update, or audit, you have a source of truth that isn’t locked inside the WordPress database.

Handling WAF Blocks

Many managed WordPress hosts (WP Engine, SiteGround) run Web Application Firewalls that block API calls from cloud IP addresses. Symptoms: 403 Forbidden errors on POST requests, even with correct credentials. Two solutions: route API calls through a Cloud Run proxy service that presents a different IP profile, or whitelist your specific GCP IP range in the hosting provider’s WAF settings. For SiteGround specifically, direct whitelisting is the most reliable path — the proxy approach has mixed results due to SiteGround’s aggressive WAF configuration.

Schema and SEO Metadata

The WordPress REST API supports all Yoast SEO and Rank Math meta fields as post meta. To set SEO title, meta description, and schema markup programmatically, include the relevant meta fields in your POST payload. For Yoast: _yoast_wpseo_title and _yoast_wpseo_metadesc. For Rank Math: rank_math_title and rank_math_description. Inject JSON-LD schema directly into the post content as a <script type="application/ld+json"> block — it renders correctly on the front end and passes Google’s rich results validator.

Running Claude through Vertex AI on GCP is straightforward to set up for a solo developer. For a team deploying Claude in production, three infrastructure decisions matter significantly: project structure for billing, IAM configuration for access control, and quota management to avoid rate-limit failures. Here’s the setup that scales cleanly.

Project Structure: One Project for Claude

Create a dedicated GCP project for Claude workloads — separate from your main application project, your data pipeline project, and your development sandbox. This separation is the single most important decision for operational clarity. With a dedicated project you get: Claude API costs isolated on their own billing line, IAM permissions that only affect Claude access (not your entire infrastructure), quota limits and alerts scoped to Claude usage, and audit logs that only contain Claude-related activity.

Naming convention: company-claude-prod for production, company-claude-dev for development. Keep them separate — dev workloads shouldn’t share quotas with production.

IAM Configuration: Minimum Necessary Permissions

The role that grants Claude API access through Vertex AI is roles/aiplatform.user. That’s the only role needed for model invocation and token counting. Don’t assign broader roles like roles/aiplatform.admin or roles/editor to service accounts that only need to call Claude.

For team deployments, create one service account per application or environment — not one shared service account for everything. Example structure:

If a service account is compromised, you rotate one key without affecting other applications. If a developer leaves, you disable their specific account without touching production credentials.

Quota Management: Request Increases Before You Need Them

Vertex AI Claude quotas are set conservatively by default. The default quota for most regions is enough for development and testing, but production workloads — especially automated pipelines running multiple requests per minute — will hit limits. The 429 error (Resource exhausted) at peak load is one of the most common production failure modes.

Request quota increases before launch, not during an incident. Go to Cloud Console → IAM & Admin → Quotas, filter by “anthropic,” and request increases for the Claude models you’re deploying. Approval is typically same-day for standard business accounts. For the global endpoint, a good starting quota for a production team is 60 requests per minute for Sonnet 4.6 and 20 requests per minute for Opus 4.6.

Budget Alerts: Know Before It’s a Problem

Set a budget alert on your Claude GCP project before anything runs in production. Go to Billing → Budgets & Alerts, create a budget for the project, and set email alerts at 50%, 80%, and 100% of your expected monthly spend. Add a Pub/Sub notification if you want to automatically throttle or pause workloads when budget thresholds are hit.

A Claude content pipeline running at unexpected volume can burn through budget quickly — especially with Opus 4.6 at $25/million output tokens. Budget alerts are the safety net that turns a potential billing surprise into a manageable alert.

Cloud Logging: Keep the Audit Trail

Vertex AI API calls are logged to Cloud Logging by default. For regulated industries, explicitly configure log retention to match your compliance requirements — the default 30-day retention may not be sufficient. For SOC 2 or HIPAA environments, export logs to Cloud Storage for long-term archival. The log entries include model called, project, timestamp, and token counts — enough for a complete audit trail without exposing prompt content.

Claude Cowork’s value multiplies significantly when it’s connected to the services where your work actually lives. A Cowork task with no MCP connections can only work with files on your local machine. A task connected to Notion, Gmail, and Google Calendar can read your priorities, check your schedule, triage your inbox, and write outputs back to your workspace — automatically. Here’s how to wire the connections.

Where MCP Configuration Lives

All MCP servers are configured in a single file: claude_desktop_config.json. On Windows, this is at %APPDATA%\Claude\claude_desktop_config.json. On macOS, it’s at ~/Library/Application Support/Claude/claude_desktop_config.json. Open it in any text editor. If it doesn’t exist yet, create it. Claude Desktop reads this file at launch — any changes require a restart.

Connecting Notion

Notion MCP gives Cowork tasks read and write access to your Notion workspace — fetch pages, create pages, query databases, and update records.

Get your Notion API token from notion.so/my-integrations. Create an internal integration, copy the token, and add it to the config. Then share each Notion database or page you want Claude to access with that integration — Notion doesn’t give blanket workspace access, you grant it page by page.

Connecting Gmail

Gmail MCP lets Cowork tasks search threads, read emails, and create drafts. Setup requires a Google Cloud project with the Gmail API enabled and OAuth credentials configured.

First-run requires completing OAuth in a browser window. After that, the token refreshes automatically. Gmail MCP is read-heavy in most Cowork workflows — used primarily for triage and summary, not bulk sending.

Connecting Google Calendar

Calendar MCP provides today’s events, upcoming meetings, and schedule context for briefing and planning tasks.

If you’ve already set up Gmail MCP with Google OAuth credentials, Calendar MCP can reuse the same credentials file.

Verifying Your Connections

After updating the config and restarting Claude Desktop, open a new chat and ask: “What MCP servers do you have access to?” Claude will list the active connections. If a connection doesn’t appear, check the config file for JSON syntax errors — a single missing comma or bracket breaks the entire config. Use a JSON validator before restarting.

For Cowork specifically: start a task session and ask Claude to fetch a specific Notion page or list today’s calendar events. A successful response confirms the MCP connection is working for scheduled tasks, not just interactive chat.

Common Issues

MCP server not showing up: JSON syntax error in config, or the npx package failed to install. Run the npx command manually in a terminal to check for errors.

Notion pages returning empty: The integration hasn’t been granted access to that specific page. Go to the page in Notion, click the three-dot menu, and share it with your integration.

Gmail authentication loop: The OAuth token expired or the credentials file path is wrong. Delete the token file and re-authenticate.

Related: How Claude Cowork Can Actually Train Your Staff to Think Better — a 7-part series on using Cowork as a training tool across industries.

One of the most practical Cowork automation setups is a daily briefing task — a scheduled agent run that assembles your morning context before you start work. Here’s exactly how to build it.

What the Briefing Covers

A well-designed daily briefing task pulls from 3-5 sources and returns a single structured summary. Typical sections: today’s calendar events (from Google Calendar MCP), open priority tasks (from Notion MCP), any overnight emails that need a response (from Gmail MCP), one or two metrics worth knowing (from whatever dashboard you track), and a suggested priority order for the day. The whole thing arrives as a Notion page or appears in a Cowork run log by the time you open your laptop.

Step 1: Set Up Your MCP Connections

The briefing task needs read access to the services it pulls from. In Claude Desktop settings, confirm you have active MCP connections for the services you want to include. At minimum: Notion (for tasks and project status) and Google Calendar (for today’s schedule). Gmail is optional but adds significant value if you get time-sensitive emails. Configure these in claude_desktop_config.json before building the task.

Step 2: Write the Task Prompt

The prompt is the core of the task. It needs to be specific about what to pull, how to structure the output, and where to write it. A working prompt structure:

Step 3: Create and Schedule the Task

In Claude Desktop, open Cowork and create a new task. Paste your prompt. Set the schedule to daily at a time before you start work — 6:00 AM or 7:00 AM typically. Make sure Claude Desktop is configured to launch at startup on your machine so it’s running when the task fires. If your machine is off or sleeping when the task fires, it will be skipped — there’s no catch-up mechanism.

Step 4: Test It Manually First

Before relying on the scheduled run, trigger the task manually once. Verify it’s pulling from the right Notion database, writing to the correct parent page, and that the calendar and email integrations are connecting. Most first-run failures are MCP authentication issues — the MCP server needs to be authenticated with each service before the task can use it.

Iteration: Making It Better Over Time

The first briefing will be useful but imperfect. After a week of runs, refine the prompt based on what’s missing or what’s noise. Common refinements: add a “what’s overdue” check from Notion, filter email to only flag certain senders or subjects, add a weather check for field-based work, or include a one-line summary of the prior day’s Cowork run logs. Each iteration takes 5 minutes to update the prompt; the task runs better every week.

Related: How Claude Cowork Can Actually Train Your Staff to Think Better — a 7-part series on using Cowork as a training tool across industries.

There are now two ways to run Claude inside Notion: through Notion AI (where Anthropic’s models power Notion’s built-in AI features with workspace search enabled), and through direct Claude integration (where your Claude instance connects to Notion via the API or MCP). Most people assume these are equivalent — same Claude model, same output. They are not. The difference isn’t the model. It’s the context layer underneath it.

What “Inside the Database” Actually Means

When you use Notion AI with workspace search enabled, Claude (or another model) is operating with native Notion context. It can traverse relational links between databases the way a human would navigate a workspace — following a CRM record to its linked action items, pulling content pipeline data alongside revenue records, reading the inline comment threads that live on specific blocks. It doesn’t just retrieve documents; it understands the relationships between documents.

When you connect Claude to Notion via the API, Claude receives whatever data you explicitly fetch and pass to it. It reads exactly what you give it, nothing more. A cross-database synthesis requires you to make multiple API calls, stitch the data together, and pass the combined result. You are the relationship layer; Claude is the reasoning layer on top of your assembly work.

Real Test Results: The Same Task, Both Ways

We ran a structured test in March 2026 — asking multiple AI models inside Notion AI (with workspace search) to produce a complete client health summary across four databases simultaneously: Master CRM, WordPress Site Operations, Content Pipeline, and Revenue Pipeline. Then comparing what Claude via API alone could produce on the same client.

The result was not close on the first run. Notion AI with Claude Sonnet 4.6 took approximately 35 seconds and returned:

• Revenue Pipeline data ($2,000/month Closed Won)
• CRM contact details with email and phone
• WordPress ops: Health Score, post count, connection method, specific IPs
• A cumulative content table (Pre-2026: 30, Jan: 529, Feb: 375, Mar: 164 = 1,098 total)
• SEO performance comparison: Clicks +2,217%, SEO Value +3,028%, Keywords +271% (Dec 2025 vs Feb 2026)
• 7 prioritized attention items with a strategic bottom-line summary

Claude Opus 4.6 inside Notion earned what we graded S — executive intelligence tier. It opened with a strategic framing (“Overall Health: Needs Attention”), named all Notion sources it queried, built a full P0-P3 priority matrix with rationale, and surfaced findings none of the other models caught: a hardcoded phone number as the root cause of attribution gap, a missing contact form on the /contact-us/ page, and the exact date of each optimization action in the content workflow.

The single finding that made the difference: Opus 4.6 inside Notion connected a 403 error from an SEO drift detector to a specific operational blind spot — and traced it back to a configuration issue that had been invisible because it required reading both a monitoring log and an infrastructure record simultaneously. Claude via API would have needed those two documents explicitly fetched and merged before it could reason across them.

What Claude Inside Notion Can Do That External Claude Cannot

What External Claude Does Better

The inside-the-database advantage is real, but it’s not the whole story. Claude connected externally through the API or MCP has capabilities Notion AI cannot replicate:

Taking actions. Notion AI can read and summarize. External Claude can read, reason, and then act — publish a WordPress post, update a Metricool schedule, send an email, write a file to GCP. Notion AI is fundamentally a read and summarize layer. External Claude connected to tools is an execution layer.

Custom system prompts and instructions. External Claude sessions can be loaded with specific operational context, role definitions, and multi-step task chains. Notion AI’s model selection is relatively fixed — you pick the model, but you can’t deeply configure its behavior the way you can with a direct API call.

Model routing and cost control. External Claude lets you route specific tasks to specific model tiers — Haiku for bulk classification, Sonnet for standard work, Opus for strategic synthesis. Notion AI doesn’t expose that level of routing control to the user.

Automation and scheduling. External Claude runs in Cowork tasks, Cloud Run cron jobs, and triggered pipelines. Notion AI runs when a human opens a page and asks a question.

The Architecture That Gets the Most From Both

The most powerful setup is not a choice between them — it’s using both for what each does best. Notion AI with workspace search is the intelligence layer: the “eyes” that can synthesize across your entire knowledge base and surface what matters. External Claude is the execution layer: the “hands” that take action based on what the intelligence layer surfaces.

Practically: run a Notion AI query with Opus 4.6 to get the full client health picture and identify the top 3 priorities. Then hand those priorities to external Claude (via Cowork or a direct API call) to execute: draft the emails, update the records, publish the content. The separation of concerns — Notion AI for global workspace intelligence, external Claude for structured action — is more powerful than either alone.

One concrete implementation: a daily Cowork task that first calls the Notion MCP to fetch key database records, then passes that assembled context to Claude for action planning, then executes a task list. The fetch step approximates what Notion AI does natively, but you control exactly what gets assembled. For well-defined, repeating workflows, this is often sufficient. For exploratory synthesis (“give me the full picture across this client’s history”) where you don’t know in advance what’s relevant, Notion AI’s native traversal is materially better.

Model Performance Inside Notion AI (March 2026 Test)

The multi-model finding: no single model caught everything. Running the same query through three models and distilling their unique findings produced materially better intelligence than any single model alone. Opus 4.6 found the hardcoded phone number and missing contact form. GPT-5.2 found the CRM coverage gap and named specific people with deadlines. Sonnet 4.6 built the clearest data tables. Together: a complete operational picture.

Most Claude API usage works the same way: your application makes a call to api.anthropic.com across the public internet. For consumer apps and developer projects, that’s fine. For enterprises handling sensitive data — healthcare, finance, legal, government — “fine” isn’t the bar. The Fortress Architecture runs Claude inference through Google Cloud’s Vertex AI from inside a private VPC, so sensitive data never crosses a public network boundary.

The Core Architecture

Instead of calling the Anthropic API directly, your application calls Claude through Vertex AI from within a GCP Compute Engine VM or Cloud Run service inside your VPC. VPC Service Controls create a security perimeter around your Vertex AI resource. Requests to Claude stay inside that perimeter — they originate from your private network, route through Google’s internal infrastructure to Vertex AI, and return inside the same boundary.

From a data flow perspective: your application → private VPC → Vertex AI API (Google internal) → Claude model inference → back through VPC → your application. No public internet hop at any point.

Why a VM Instead of a Direct API Call

Running Claude through a VM — rather than a developer’s laptop or a serverless function with public internet access — gives you several properties that matter at enterprise scale:

Consistent identity. All Claude calls originate from a known service account with specific IAM permissions. There’s no risk of a developer accidentally using personal credentials or exposing an API key.

Network isolation. The VM sits inside a VPC with firewall rules. You control exactly what it can reach and what can reach it. No lateral movement from a compromised endpoint reaches your Claude integration.

Audit trail. Every Claude API call through Vertex AI generates Cloud Logging entries. You get a complete, immutable record of what was asked and when — essential for compliance in healthcare and financial services.

Centralized cost control. All AI spend flows through one GCP project with budget alerts and quotas. No shadow AI spending from individual developers using personal API keys.

Implementation Pattern

The standard setup: a Cloud Run service or Compute Engine VM runs your Claude-connected application code inside a VPC. A service account with roles/aiplatform.user is the only identity that can call Vertex AI. VPC Service Controls restrict Vertex AI access to requests originating from your perimeter. Cloud Logging captures all API activity. Budget alerts on the GCP project catch unexpected usage spikes.

The application code itself is straightforward — the Anthropic Python or Node.js SDK with the Vertex AI configuration flag set. The security comes from the infrastructure layer, not the application layer.

When This Architecture Is Worth the Setup

For a solo developer or small startup, this is overkill. The setup overhead — VPC configuration, service accounts, VPC Service Controls, Cloud Logging — is a full day of infrastructure work. For organizations where a data breach involving patient records, financial data, or privileged legal communications would be catastrophic, that day of setup is a trivial cost against the risk.

The categories where this architecture is essentially required: HIPAA-covered healthcare applications, financial services with SOC 2 or PCI requirements, legal services handling privileged communications, government contractors, and any application processing PII at scale.

The Real Operational Benefit Beyond Security

The compliance story is obvious. The less-discussed benefit is operational consistency. When all Claude usage flows through a single controlled channel, you get uniform behavior (same model version, same parameters, same rate limits), centralized prompt management (update the system prompt in one place, not in every developer’s local config), and predictable costs. The Fortress Architecture is as much an operational discipline as it is a security model. See The Fortress Architecture: Full Guide for the complete technical breakdown and Claude on Vertex AI: Why Route Through GCP for the Vertex AI setup.