So what’s this new WP API
thing all about? Don’t we
already have one?
Right now, we have XML-RPC. It works but
is extremely hard to use and outdated.
Comparison to other WordPress API’s
• In a nutshell, JSON REST API’s have swept the
web becoming an almost standard. They are
extremely intuitive and provide an easy way to
distribute, collect, and modify data.
Why JSON REST API?
Let’s break it down a bit.
• It’s simply a way to describe data that is lightweight and
extremely easy to use. Arguably much easier to use than XML.
• REST (Representational State Transfer) is an architectural style
that dictates how HTTP and URI’s should be used and organized.
• Verbs and resources: GET /post/1
• Hypermedia as the Engine of Application State (HATEOAS) -
Server provides everything you need to know how to use it in a
• Actions are autonomous and do not depend on each other.
• Bottom line: RESTful API’s have become extremely popular
across the web. They are much easier to use than things like RPC
• An API (Application Programming Interface) is a
set of entry points that allow you to interact with a
platform (WordPress in this case).
And of course, API
Core integration (probably) in 4.1
First, install the plugin
What does the API allow
me to do?
Shows all the routes and endpoints available
Create, read, update, and delete posts
Create, read, update, and delete users
Create, read, update, and delete media items
Read taxonomies and terms
Create, read, update, and delete pages
The API is rich with
functionality. Explore the
Let’s look at a few key endpoints.
Takes a number of useful parameters:
• Filter: Accepts WP_Query arguments
• Page: Allows for pagination
• Context: Determines usage context i.e. “view or edit”
Edit A Post
curl -X PUT -H “Content-Type: application/json” -d ‘
"title": “Updated Title",
“content_raw": “Updated post content"
‘ -u admin:password http://example.com/wp-json/posts/<id>
We need to send a PUT request to this endpoint with
our post data. Of course we must authenticate before
Three ways to
• Cookie Authentication (client side)
• HTTP Basic Authentication
• OAuth 1
First install the WP Basic Auth Plugin:
Remember this piece of our cURL request?
That’s HTTP Basic Authentication! Essentially we are authenticating
by passing an HTTP header like this:
Authorization: Basic QWxhZGRpbjpvcGVuIHNlc2FtZQ==
Where that crazy looking string is username:password base64
only be used for testing!
First install the WP OAuth Plugin:
OAuth is outside of the scope of this talk. However, it
should be used instead of HTTP Basic Auth when
building external applications that interact with the API.
Rather than giving someone an account on your site,
you can give them temporary access with OAuth.
Create A Post
curl -X POST -H “Content-Type: application/json” -d ‘
“content_raw": “Post content"
‘ -u admin:password http://example.com/wp-json/posts/
Notice we are using a POST request this time.
• It means _s_backbone is a starter theme with
infinite scroll built-in using the WP API Backbone
• Infinite scroll is the concept of loading multiple
rounds of entities without reloading the page.
What does this mean?
Let’s look at some code!
plugin to display your site’s posts. You will first need
to have JSON REST API for WordPress installed and
If you learned nothing
so far, know this:
You can do amazing things with the JSON REST
API for WordPress.
With core integration and ~23% of the web using
this API in the near future, you will have much
easier access to data across the web.