I do not recommend doing this. It’s better if you authenticate your users, but you can make an api endpoint that posts a comment like this:
add_action('rest_api_init',
function () {
register_rest_route(
'api',
'api_post_comment',
array(
'methods' => 'GET',
'callback' => 'api_post_comment',
)
);
});
function api_post_comment() {
wp_insert_comment([
'comment_approved' => 0,
'comment_author' => 'test',
'comment_author_email' => '[email protected]',
'comment_author_IP' => $_SERVER['REMOTE_ADDR'],
'comment_content' => 'test',
'comment_parent' => 0,
'comment_post_ID' => 25084,
]);
}
You can learn more here:
https://developer.wordpress.org/reference/functions/wp_insert_comment/
and here:
https://developer.wordpress.org/rest-api/extending-the-rest-api/adding-custom-endpoints/