1. WP API, what is it good for?
Absolutely Everything!
Slides available: https://circlecube.com/does-wordpress/
WordCamp Birmingham - 29 October 2016

2. Introductions
Evan Mullins
Lead Web Developer
Brown Bag Marketing
@circlecube
circlecube.com
WordPress user since 2006
Full-time web developer since 2007

5. API
An (API) is a set of
subroutine definitions, protocols, and tools for building software and applications. A
good API makes it easier to develop a program by providing all the building blocks,
which are then put together by the programmer.
An API is best thought of as a contract provided by one piece of software to another.

7. And growing!
October 2016 hits 16,000 apis

8. REST
It describes how one system can communicate state with another. One example would
be the state of a product (its name, description etc) represented as JSON. The
generalised idea of state is termed a resource.

9. JSON
is a lightweight data-interchange format.
It is easy for humans to read and write. It is easy for machines to parse and generate. It
is a text format that is completely language independent but uses conventions that are
familiar to programmers. These properties make JSON an ideal data-interchange
language.
JSON is built on two structures:
● A collection of name/value pairs. (object).
● An ordered list of values. (array).

11. WP REST API

12. WordPress is moving towards becoming a
fully-fledged application framework, and we need
new APIs.
This project was born to create an easy-to-use,
easy-to-understand and well-tested framework
for creating these APIs, plus creating APIs for
core.

13. This plugin provides an easy to use REST API,
available via HTTP.
Grab your site’s data in simple JSON format,
including users, posts, taxonomies and more.
Retrieving or updating data is as simple as
sending a HTTP request.

14. Want to get your site’s posts?
Simply send a GET request to

15. Update user with ID 4?
Send a POST request to
/wp-json/wp/v2/users/4

16. Get all posts with the search term “awesome”?
GET
/wp-json/wp/v2/posts?search=awesome
It’s that easy.

17. The API exposes a simple yet easy interface to
WP Query, the posts API, post meta API, users
API, revisions API and many more.
Chances are, if you can do it with WordPress,
WP API will let you do it.

18. What’s with the V2?

19. A little history
Ryan McCue started development on an API, and then proposed a WordPress JSON
REST API Project for GSOC in April 2013 (when WordPress was on version 3.5).
Version 2.0 of the plugin rebuilt the first with lessons learned. The infrastructure
merged into WordPress core in version 4.4 (December 2015).

20. A little history
Although, it was proposed for 4.5, the
merge was delayed in order to build it out
with more endpoints. The REST API is
slated for inclusion in 4.7 after
considerable discussion and planning.
Authentication and further integration
with core will be a focus of 4.8.
Until 4.7 when this is officially merged into
core (December-ish 2016), we’ll need to
install the REST API feature Plugin.

21. It about to be real!
Did you catch that?
The REST API merging into
WordPress core.
In 4.7!
That’s a big deal!

22. WP
REST
API
Plugin
(for now)

23. Resources
https://github.com/WP-API/WP-API

24. Resources
http://v2.wp-api.org/

25. Slack Channel

26. Get Started Today Post 4.7
1. Install the plugin
2. Play
a. yoursite.com/wp-json/wp/v2/
1. Install the plugin
2. Play
a. yoursite.com/wp-json/wp/v2/

27. Install
The
Plugin
Need to do this
until the API
endpoints are
merged into core.

29. Nutshell
So in a nutshell, rather than getting your content or data via a
webpage as part of a website with php, html, css and javascript,
you can use whatever you want and retrieve your data via the
API. You’ll get json data that is compact and fast to transfer and
then you can do endless things with it. Create an app, load it into
another website, analyze it as data… it’s a great step for
WordPress and a great step to continuing democratizing the web.

31. Tools
Postman -
HTTP or
API client
Also: REST Easy for Firefox or httpie for the command line

32. Back to WordPress
The plugin/API exposes your data in JSON format in the following content types:
Posts
Pages
Media
Custom Post Types
Post Meta
Revisions
Comments
Terms
Users

33. Routes / Endpoints
Endpoints are functions available through the API and are simply urls. This can be
things like retrieving the API index, updating a post, or deleting a comment. Endpoints
perform a specific function, taking some number of parameters and return data to the
client.
A route is the “name” you use to access endpoints, used in the URL. A route can have
multiple endpoints associated with it, and which is used depends on the HTTP verb.

34. Routes / Endpoints Example
With the URL
The “route” is (the route doesn’t include wp-json because wp-json
is the base path for the API itself.)
This route has 3 endpoints:
● triggers a get_item method, returning the post data to the client.
● triggers an update_item method, taking the data to update, and returning the
updated post data.
● triggers a delete_item method, returning the now-deleted post data to the
client.

35. get list of latest posts
retrieve a single post
GET - to read data

37. Standard arguments as you’d expect and more
, , , , , , ,
, , etc
GET

38. PUT - to create or update data
create post
update existing post

39. DELETE - to trash

40. Authentication

41. Authentication
When and why would you need this?
Internal wp code (plugin/theme development) use cookies.
External code (using wp api as service) use oauth.

42. Authentication
If you are building a theme or a plugin and want to access
the API of the same site where the theme or plugin will be,
you’ll want to authenticate with a cookie.
Use a nonce (WordPress security token) to connect to a
local API if your theme or plugin wants to connect to the
API of the site it’s on via ajax.

43. Nonce?
A nonce is a "number used once" or one-time token generated by a web site to identify
future requests to that site.
WordPress nonces aren't numbers, but are a hash made up of numbers and letters.
Nor are they used only once, but have a limited "lifetime" after which they expire.
WordPress's security tokens are called "nonces" despite the above noted differences
from true nonces, because they serve much the same purpose.

44. Authentication
Write a nonce in a
with
and then pass that nonce
value in your header.

45. The nonce in action

46. Authentication
Write a nonce in a
with
and then pass that
nonce value in your
header.

47. OAuth example here please

48. Authentication
OAuth authentication is the main authentication handler used for external clients. It
requires installing the OAuth plugin on the site which then handles authorizations and
tokens.
For examples on how to use OAuth Authentication checkout the Demo PHP API
Client, the CLI client or the API console.

49. WP REST API
OAuth 1.0a
Plugin

51. 1. Discovery

52. 2. Input Credentials

54. 3. Authorized and Connected

56. Extend - Do More
Modifying Responses
Adding Endpoints
Custom Content Types

57. ACF to API
Get ACF custom
fields to display in
your post JSON
easily with this
plugin!

60. Examples with Under the Hood Code
1. Mobile App - Content via WP
2. WordPress Plugin - Sitemapper
3. External site - Content via WP
4. WordPress Plugin - using js client

62. Mobile App - US Presidents
An app will test your knowledge and teach you the Presidents of the USA – powered
with WordPress via
the REST API.

63. US Presidential Mobile App

66. Plugin - Sitemapper
An in-house plugin at Brown Bag
Marketing to quickly get up and
running with a new WordPress site in
our prototyping and wireframing
multisite.
Construct your sitemap and the plugin
will create a new site (in the multisite
network) and via the API create new
pages according to the supplied
sitemap.

68. External Site - Digital Dashboard
Angular web app built at
Brown Bag Marketing to
display live stats about a
bunch of sites. Connects
to sites like pingdom,
analytics etc, . The sites
are stored in WordPress
as a CPT and loaded
dynamically and it has
featured content that’s
pulled from the WP API.

71. Plugin - Revision Browser
Browse WordPress revisions on the
front-end of your website!
The REST API includes a
JavaScript/Backbone client library, which
provides an interface for the WP REST
API by providing Backbone Models and
Collections for all endpoints exposed the
API Schema.

73. Examples

74. Story Corps.me
https://10up.com/blog/2015/scaling-storycorps-wordpress-json-api/ &
https://poststatus.com/how-storycorps-uses-wordpress-to-enable-storytelling-everywhere/

75. Calypso

76. NYTimes
http://www.slideshare.net/ScottTaylor1/rest-in-action-the-live-coverage-platform-at-the-new-york-times

77. Nomadbase.io

78. Custom
Contact
Forms
Plugin
https://wptavern.com/custom-contact-forms-plugin-passes-1-million-downloads-on-wordpress-org

79. Event
Espresso
4

80. WP
Live
Search

81. ACF to
REST API

83. A WordPress REST API White Paper
by Human Made
Additional Reading

84. The ultimate guide to the WordPress REST API
By Josh Pollock (Torque)
Additional Reading

85. Questions, Comments, More (better) Examples, Discuss
?

86. More Additional Reading
● http://v2.wp-api.org/reference/posts/
● https://demo.wp-api.org/
● https://deliciousbrains.com/creating-mobile-app-wp-api-react-native/
● https://css-tricks.com/wp-rest-api-remote-control-wordpress/
● https://wpshout.com/guide-wordpress-rest-api-interview-josh-pollock/
● https://code.tutsplus.com/tutorials/introducing-the-wp-rest-api--cms-24533
● https://www.sitepoint.com/wp-api/
● https://webdevstudios.com/2016/01/05/an-overview-of-the-wordpress-json-api-version-2/
● https://www.wpkube.com/implementations-wp-rest-api/

87. Thank You
!
Slides available at https://circlecube.com/does-wordpress/