TL;DR: You can’t auto-publish to Medium through its official API anymore. Medium closed the API to new integrations back in 2023, and its own WordPress plugin was discontinued years before that. What’s left is Medium’s manual import tool for occasional syndication, or driving your own logged-in browser session for anything closer to a real publishing workflow.
A writer who cross-posts a new article to their own blog, dev.to, and Medium by hand knows exactly where the friction is: Medium’s editor doesn’t take raw Markdown, so every cross-post means reformatting headers, re-uploading the cover image, and manually pasting in a canonical link. Multiply that by twice a week and it’s a real chunk of a writing schedule. The obvious fix, a script that posts straight to the article, runs into a wall almost immediately: Medium doesn’t hand out API access for that anymore.
Medium’s public API has been closed to new integrations for years
Medium published an official OAuth2 API and a GitHub docs repository for it, and for a while it worked the way you’d expect: request a token, POST your article, done. That repository was archived on March 2, 2023, and the notice at the top of it is blunt: “The Medium API is no longer supported. We do not recommend using it.” A separate line in the same docs is even more direct about new projects: “We don’t allow any new integrations with our API.”
Medium does still describe self-issued integration tokens, but the docs scope them narrowly, to “desktop integrations where implementing browser-based authentication is non-trivial, or software like plugins where it is impossible to secure a client secret,” and add that you shouldn’t ask a user for one if your use case doesn’t fit that description. In practice, that rules out the standard pattern of “generate a key, drop it in a CI secret, post from a script” that works fine on dev.to or most other blogging platforms.
Why the usual workarounds don’t hold up either
Before the API closed off, the most common fix for auto-posting to Medium was Medium’s own WordPress plugin. It was abandoned in 2017 and pulled from the WordPress plugin directory in 2019, so it isn’t an option for a current WordPress-to-Medium pipeline either.
What’s left mostly routes through Medium’s manual “Import a story” tool, which pulls in a published URL and, usefully, sets the canonical link automatically so search engines keep pointing at your original. That’s the safest way to get a piece onto Medium without losing your own SEO credit; Google’s own guidance on specifying a canonical URL explains why skipping that step lets a duplicate copy compete with the source for ranking. But “Import a story” is a manual click in Medium’s UI, not an API call, so it doesn’t solve automation. Third-party schedulers that claim to auto-post to Medium are generally driving an RSS feed through a browser automation layer of their own, which is close to what a logged-in session does anyway, just wrapped in someone else’s product.
What a local, logged-in session changes
The Medium API alternative that actually holds up isn’t a workaround at all. Instead of asking Medium for API access that isn’t on offer, PublishPort’s client runs on your own machine and uses the browser session you’re already logged into Medium with. An AI agent gets two tools: local_bash to run a command, and list_capabilities to see what’s available, opencli medium covering search, drafts, and publish among them. The AI reads the tool’s own --help output the way a person would, then runs it the same way you’d click “Publish” yourself.
That sidesteps the entire question of whether Medium will issue you a token, because nothing about it depends on Medium’s API surface at all. It also means Medium, dev.to, and Hashnode go through the same login-based model instead of three different auth schemes, which is the same approach we covered for automating dev.to posts since dev.to’s official API and Medium’s closed one sit at opposite ends of the same problem. The client itself is a free download; the paid tier is what lets a cloud AI reach your machine to run the command.
Setting it up
- Install the PublishPort client and let it pick up your existing Chrome profile.
- Log into Medium normally in that browser, the way you already do to write a story.
- Confirm the capability:
list_capabilitiesshould listopencli mediumwith publish support. - Hand the AI your draft, including a canonical URL if the piece originated on your own blog rather than being written for Medium directly.
- Let it run
local_bashto publish or save a draft, then check the live story the same way you would after posting by hand.
Limits worth stating plainly
Driving Medium through your own session doesn’t turn off Medium’s own moderation or spam detection. It’s still your account publishing, so posting bursts, thin reposts, or content that reads as low-effort duplication can still get flagged the same as if you’d typed it in yourself. Always set a canonical URL when a story started life elsewhere; skip it and the Medium copy can end up outranking the original in search, which is the opposite of what cross-posting is supposed to do. None of this is a claim that automated publishing is invisible to a platform actively watching for bot-like behavior. It removes one integration to manage, not Medium’s rules.
Before you publish:
- Canonical URL is set if this piece isn’t originally a Medium story
- Formatting (headers, cover image, tags) matches what you’d set by hand
- You’re not batch-importing a backlog of old posts in one sitting
- You’ve confirmed the session is still logged in, not expired
FAQ
Does Medium still have a public API for publishing?
The API technically still runs for existing integrations, but Medium’s own documentation says it’s no longer supported and that new integrations aren’t allowed. Its GitHub docs repository was archived in 2023 with a notice recommending against using it at all.
Can I still auto-post to Medium from WordPress?
Not through an official plugin. Medium’s own WordPress integration was abandoned in 2017 and removed from the WordPress plugin directory in 2019. Third-party WordPress plugins that claim to post to Medium are working around the closed API, not through it.
What does the canonical URL do when I cross-post to Medium?
It tells Medium and search engines that the original version of the article lives at your own URL, so ranking credit stays with your site instead of splitting between two copies. Google’s canonicalization guidance covers the underlying mechanism in detail.
Will Medium flag automated publishing as spam?
Automation itself isn’t the trigger. What gets flagged is the same thing that gets a human account flagged: unformatted duplicate posts with no canonical link, or a burst of stories published faster than a person plausibly would write them.
Is there a way to schedule posts on Medium?
Not through any current official API. Scheduling on Medium today means either publishing at the moment your automation runs, or having someone (or an AI agent with access to your logged-in session) trigger the publish action at the time you want.
