WordCamp Birmingham 2016 - WP API, What is it good for? Absolutely Everything!

1. WP API, what is it good for? Absolutely Everything! Slides available: https://circlecube.com/does-wordpress/ WordCamp Birmingham - 29 October 2016

2. Introductions Evan Mullins Lead Web Developer Brown Bag Marketing @circlecube circlecube.com WordPress user since 2006 Full-time web developer since 2007

3. API An (API) is a set of subroutine definitions, protocols, and tools for building software and applications. A good API makes it easier to develop a program by providing all the building blocks, which are then put together by the programmer. An API is best thought of as a contract provided by one piece of software to another.

4. And growing! October 2016 hits 16,000 apis

5. REST It describes how one system can communicate state with another. One example would be the state of a product (its name, description etc) represented as JSON. The generalised idea of state is termed a resource.

6. JSON is a lightweight data-interchange format. It is easy for humans to read and write. It is easy for machines to parse and generate. It is a text format that is completely language independent but uses conventions that are familiar to programmers. These properties make JSON an ideal data-interchange language. JSON is built on two structures: ● A collection of name/value pairs. (object). ● An ordered list of values. (array).

7. WP REST API

8. WordPress is moving towards becoming a fully-fledged application framework, and we need new APIs. This project was born to create an easy-to-use, easy-to-understand and well-tested framework for creating these APIs, plus creating APIs for core.

9. This plugin provides an easy to use REST API, available via HTTP. Grab your site’s data in simple JSON format, including users, posts, taxonomies and more. Retrieving or updating data is as simple as sending a HTTP request.

10. Want to get your site’s posts? Simply send a GET request to

11. Update user with ID 4? Send a POST request to /wp-json/wp/v2/users/4

12. Get all posts with the search term “awesome”? GET /wp-json/wp/v2/posts?search=awesome It’s that easy.

13. The API exposes a simple yet easy interface to WP Query, the posts API, post meta API, users API, revisions API and many more. Chances are, if you can do it with WordPress, WP API will let you do it.

14. What’s with the V2?

15. A little history Ryan McCue started development on an API, and then proposed a WordPress JSON REST API Project for GSOC in April 2013 (when WordPress was on version 3.5). Version 2.0 of the plugin rebuilt the first with lessons learned. The infrastructure merged into WordPress core in version 4.4 (December 2015).

16. A little history Although, it was proposed for 4.5, the merge was delayed in order to build it out with more endpoints. The REST API is slated for inclusion in 4.7 after considerable discussion and planning. Authentication and further integration with core will be a focus of 4.8. Until 4.7 when this is officially merged into core (December-ish 2016), we’ll need to install the REST API feature Plugin.

17. It about to be real! Did you catch that? The REST API merging into WordPress core. In 4.7! That’s a big deal!

18. WP REST API Plugin (for now)

19. Resources https://github.com/WP-API/WP-API

20. Resources http://v2.wp-api.org/

21. Slack Channel

22. Get Started Today Post 4.7 1. Install the plugin 2. Play a. yoursite.com/wp-json/wp/v2/ 1. Install the plugin 2. Play a. yoursite.com/wp-json/wp/v2/

23. Install The Plugin Need to do this until the API endpoints are merged into core.

24. Nutshell So in a nutshell, rather than getting your content or data via a webpage as part of a website with php, html, css and javascript, you can use whatever you want and retrieve your data via the API. You’ll get json data that is compact and fast to transfer and then you can do endless things with it. Create an app, load it into another website, analyze it as data… it’s a great step for WordPress and a great step to continuing democratizing the web.

25. Tools Postman - HTTP or API client Also: REST Easy for Firefox or httpie for the command line

26. Back to WordPress The plugin/API exposes your data in JSON format in the following content types: Posts Pages Media Custom Post Types Post Meta Revisions Comments Terms Users

27. Routes / Endpoints Endpoints are functions available through the API and are simply urls. This can be things like retrieving the API index, updating a post, or deleting a comment. Endpoints perform a specific function, taking some number of parameters and return data to the client. A route is the “name” you use to access endpoints, used in the URL. A route can have multiple endpoints associated with it, and which is used depends on the HTTP verb.

28. Routes / Endpoints Example With the URL The “route” is (the route doesn’t include wp-json because wp-json is the base path for the API itself.) This route has 3 endpoints: ● triggers a get_item method, returning the post data to the client. ● triggers an update_item method, taking the data to update, and returning the updated post data. ● triggers a delete_item method, returning the now-deleted post data to the client.

29. get list of latest posts retrieve a single post GET - to read data

30. Standard arguments as you’d expect and more , , , , , , , , , etc GET

31. PUT - to create or update data create post update existing post

32. DELETE - to trash

33. Authentication

34. Authentication When and why would you need this? Internal wp code (plugin/theme development) use cookies. External code (using wp api as service) use oauth.

35. Authentication If you are building a theme or a plugin and want to access the API of the same site where the theme or plugin will be, you’ll want to authenticate with a cookie. Use a nonce (WordPress security token) to connect to a local API if your theme or plugin wants to connect to the API of the site it’s on via ajax.

36. Nonce? A nonce is a "number used once" or one-time token generated by a web site to identify future requests to that site. WordPress nonces aren't numbers, but are a hash made up of numbers and letters. Nor are they used only once, but have a limited "lifetime" after which they expire. WordPress's security tokens are called "nonces" despite the above noted differences from true nonces, because they serve much the same purpose.

37. Authentication Write a nonce in a with and then pass that nonce value in your header.

38. The nonce in action

39. Authentication Write a nonce in a with and then pass that nonce value in your header.

40. OAuth example here please

41. Authentication OAuth authentication is the main authentication handler used for external clients. It requires installing the OAuth plugin on the site which then handles authorizations and tokens. For examples on how to use OAuth Authentication checkout the Demo PHP API Client, the CLI client or the API console.

42. WP REST API OAuth 1.0a Plugin

43. 1. Discovery

44. 2. Input Credentials

45. 3. Authorized and Connected

46. Extend - Do More Modifying Responses Adding Endpoints Custom Content Types

47. ACF to API Get ACF custom fields to display in your post JSON easily with this plugin!

48. Examples with Under the Hood Code 1. Mobile App - Content via WP 2. WordPress Plugin - Sitemapper 3. External site - Content via WP 4. WordPress Plugin - using js client

49. Mobile App - US Presidents An app will test your knowledge and teach you the Presidents of the USA – powered with WordPress via the REST API.

50. US Presidential Mobile App

51. Plugin - Sitemapper An in-house plugin at Brown Bag Marketing to quickly get up and running with a new WordPress site in our prototyping and wireframing multisite. Construct your sitemap and the plugin will create a new site (in the multisite network) and via the API create new pages according to the supplied sitemap.

52. External Site - Digital Dashboard Angular web app built at Brown Bag Marketing to display live stats about a bunch of sites. Connects to sites like pingdom, analytics etc, . The sites are stored in WordPress as a CPT and loaded dynamically and it has featured content that’s pulled from the WP API.

53. Plugin - Revision Browser Browse WordPress revisions on the front-end of your website! The REST API includes a JavaScript/Backbone client library, which provides an interface for the WP REST API by providing Backbone Models and Collections for all endpoints exposed the API Schema.

54. Examples

55. Story Corps.me https://10up.com/blog/2015/scaling-storycorps-wordpress-json-api/ & https://poststatus.com/how-storycorps-uses-wordpress-to-enable-storytelling-everywhere/

56. Calypso

57. NYTimes http://www.slideshare.net/ScottTaylor1/rest-in-action-the-live-coverage-platform-at-the-new-york-times

58. Nomadbase.io

59. Custom Contact Forms Plugin https://wptavern.com/custom-contact-forms-plugin-passes-1-million-downloads-on-wordpress-org

60. Event Espresso 4

61. WP Live Search

62. ACF to REST API

63. A WordPress REST API White Paper by Human Made Additional Reading

64. The ultimate guide to the WordPress REST API By Josh Pollock (Torque) Additional Reading

65. Questions, Comments, More (better) Examples, Discuss ?

66. More Additional Reading ● http://v2.wp-api.org/reference/posts/ ● https://demo.wp-api.org/ ● https://deliciousbrains.com/creating-mobile-app-wp-api-react-native/ ● https://css-tricks.com/wp-rest-api-remote-control-wordpress/ ● https://wpshout.com/guide-wordpress-rest-api-interview-josh-pollock/ ● https://code.tutsplus.com/tutorials/introducing-the-wp-rest-api--cms-24533 ● https://www.sitepoint.com/wp-api/ ● https://webdevstudios.com/2016/01/05/an-overview-of-the-wordpress-json-api-version-2/ ● https://www.wpkube.com/implementations-wp-rest-api/

67. Thank You ! Slides available at https://circlecube.com/does-wordpress/