Purpose of the Article: To Learn about WordPress Rest APIs

Intended Audience: PHP Developers

Tools and Technology: WordPress

Keywords: WordPress Rest API

What Is API?

APIs are the interfaces that allow two programs to communicate with each other. Your browser requests the web server hosting the site to inter-communicate, whenever you visit that website. The server’s API receives your browser’s request, interprets it, and sends back all the data required to display your site.

What Is a REST API?

The WordPress REST API is an Application Programming Interface. REST is an acronym for “Representational State Transfer”, which describes how your application’s data is modeled as interrelated objects and collections. The REST API for WordPress exposes REST endpoints (URLs) representing posts, pages, taxonomies, and other built-in WordPress data types. Using JSON data you can use these endpoints to query, modify, and create content on your site. The JSON data format is an open standard and has the appearance of Objects in JavaScript. It is lightweight and human readable. If you request or send content through the API, the response will also be in JSON. There are many programming languages that support JSON, so WordPress applications can be created using client-side JavaScript (like the block editor), mobile apps, desktop or command-line tools.

All APIs handle requests and return responses, as I have explained. This means a client requests an action from the API, and the API executes that request. Each API performs this action differently. Using simple HTML methods (or commands), REST APIs are designed to receive and respond to specific types of requests.

These are some of the most important and basic HTML methods that a client can send:

HTML Methods:

GET: This command retrieves a resource from a server (for example, data).

• To fetch a list of published pages on your site

GET – https://website.com/wp-json/wp/v2/posts/?status=published

• To fetch the latest posts on your site

GET – https://website.com/wp-json/wp/v2/posts/?per_page=1

Example:

POST: With this, the client requests for a resource on the server.

• To add a post to your website

POST – https://website.com/wp-json/wp/v2/posts/

• To add a page to your website

POST – https://website.com/wp-json/wp/v2/posts/pages

Example:

PUT: The PUT command lets you edit or update resources that already exist on the server.

• Take the example of the number of draft posts on your site. You want to make one of them public. To begin, get a list of the draft posts:

POST https://website.com/wp-json/wp/v2/posts/?status=”draft“

• There is a list of all current draft posts on the website. To change the status of one of them, use its ID:

PUT https://website.com/wp-json/wp/v2/posts/200

Example:

DELETE: As the name implies, this removes a resource from the server.

• When you use it to delete a post, it will put it in trash instead of permanently deleting it. To put it simply, if you wanted to move the post you just created to  trash, you would use this:

DELETE https://website.com/wp-json/wp/v2/posts/200

Example:

Authentication With the WordPress REST API:

WordPress’ REST API offers several options for authentication, each with a specific purpose.

• Basic Authentication
• OAuth Authentication
• Cookie Authentication

Basic Authentication:

Basic authentication refers to HTTP authentication in which credentials are sent along with the request.

Postman is a powerful tool for connecting to, testing, and working with any API. To authenticate your request, go to the Authorization tab below the address bar:

Authenticated requests can be sent by clicking the Authorization button below the address bar:

After updating the authentication the Headers tab will now include a header field for the encoded username/password string.

OAuth Authentication:

• Traditionally, authentication involves two entities: the client and the resource/service provider.
• Clients will be web applications, services or users, whereas Resource/Service Providers will have access to the desired resources or services.
• A Client authenticates itself with the Resource Provider by providing appropriate credentials. While this is a simple process, a security breach is possible.

Cookie Authentication:

WordPress currently uses cookies to authenticate users and their activities.

To disable the WordPress REST API:

You can include code in a theme’s functions file or create your plugin. As this isn’t theme-specific functionality, creating a plugin is better –

Just include the following lines:

add_filter( ‘json_enabled’, ‘__return_false’ );

add_filter( ‘json_jsonp_enabled’, ‘__return_false’ );

To enable REST API to custom post type:

Add this line while creating postype.

“show_in_rest” = true;

Advantages of WordPress REST API:

It is even possible to create web apps with the Backbone model and AngularJS that allow them to manipulate data on the site.

Below are some examples of WordPress REST API implementations:

• Single Page Applications
• Mobile Apps
• Server-Side Platforms