The WordPress REST API is a powerful tool that allows developers to interact with WordPress from external applications or services. It enables the creation, reading, updating, and deleting of WordPress content and data via HTTP requests, typically in JSON format. This is an essential tool for building custom themes, plugins, and integrations, as it allows external applications or websites to communicate with a WordPress site. Here’s a guide on how to use the WordPress REST API for custom development.
1. Understanding the WordPress REST API
The WordPress REST API is built on top of HTTP methods (GET, POST, PUT, DELETE) and is structured around endpoints, which allow you to perform CRUD (Create, Read, Update, Delete) operations on various resources, such as posts, pages, users, and custom data types.
Here are some key components:
- Endpoint: The URL that provides access to the API resource.
- HTTP Methods: These determine the type of operation you want to perform (GET for reading data, POST for creating data, PUT for updating data, DELETE for removing data).
- Authentication: WordPress REST API supports several types of authentication methods, including cookie-based authentication, OAuth, and application passwords.
2. Accessing the WordPress REST API
To get started, you’ll first need to understand how to access the API. By default, the WordPress REST API is available at:
https://yourdomain.com/wp-json/wp/v2/
Here, wp-json is the namespace for the REST API, and wp/v2 is the version of the API.
For example, if you want to get all posts on a WordPress site, you can make a GET request to:
https://yourdomain.com/wp-json/wp/v2/posts
This would return all posts in a JSON format.
3. Making a GET Request
GET requests are used to retrieve data from WordPress. For example, if you want to fetch a list of posts, you would do it like this:
fetch('https://yourdomain.com/wp-json/wp/v2/posts')
.then(response => response.json())
.then(data => console.log(data));
This code snippet uses JavaScript’s fetch API to make the GET request and outputs the response to the console.
Example response:
[
{
"id": 1,
"date": "2025-03-21T00:00:00",
"slug": "hello-world",
"title": {
"rendered": "Hello World"
},
"content": {
"rendered": "<p>This is your first post.</p>"
}
}
]
4. Making a POST Request
To create new data, such as a post or custom post type, you use a POST request. WordPress requires authentication to create or modify data. You can authenticate using a method like Application Passwords or OAuth.
Example POST request to create a new post:
fetch('https://yourdomain.com/wp-json/wp/v2/posts', {
method: 'POST',
headers: {
'Content-Type': 'application/json',
'Authorization': 'Bearer YOUR_TOKEN', // Use OAuth or Application Passwords for authentication
},
body: JSON.stringify({
title: 'My New Post',
content: 'This is the content of the post.',
status: 'publish',
}),
})
.then(response => response.json())
.then(data => console.log(data));
This code snippet sends a POST request to the /posts endpoint to create a new post with the title “My New Post” and content “This is the content of the post.”
5. Making a PUT Request
PUT requests are used to update existing data. For example, if you want to update a post’s title, you can use a PUT request like this:
fetch('https://yourdomain.com/wp-json/wp/v2/posts/1', {
method: 'PUT',
headers: {
'Content-Type': 'application/json',
'Authorization': 'Bearer YOUR_TOKEN',
},
body: JSON.stringify({
title: 'Updated Post Title',
}),
})
.then(response => response.json())
.then(data => console.log(data));
In this example, the 1 in the endpoint corresponds to the ID of the post being updated. This request changes the title of the post with ID 1.
6. Making a DELETE Request
DELETE requests are used to remove existing data. For example, if you want to delete a post, you can send a DELETE request like this:
fetch('https://yourdomain.com/wp-json/wp/v2/posts/1', {
method: 'DELETE',
headers: {
'Authorization': 'Bearer YOUR_TOKEN',
},
})
.then(response => response.json())
.then(data => console.log(data));
This will delete the post with the ID 1 from your WordPress site.
7. Creating Custom Endpoints
While WordPress provides many built-in endpoints, you might need to create custom endpoints for your application. This is done by defining your own routes and callbacks in your plugin or theme.
Here’s an example of creating a custom endpoint:
// Hook into the REST API initialization action to register our custom endpoint
add_action( 'rest_api_init', function() {
register_rest_route( 'custom/v1', '/greeting/', array(
'methods' => 'GET',
'callback' => 'get_custom_greeting',
) );
} );
// Define the callback function for the custom endpoint
function get_custom_greeting() {
return new WP_REST_Response( 'Hello from the custom API endpoint!', 200 );
}
In this example:
- We create a custom route under the namespace
custom/v1with the endpoint/greeting/. - When a GET request is made to
/wp-json/custom/v1/greeting/, it will return a simple greeting message.
8. Handling Authentication
If you want to interact with the REST API beyond just reading public data (e.g., creating or updating posts), you’ll need to authenticate.
- Cookie Authentication: This is the default method when making requests from the same domain.
- Application Passwords: WordPress allows users to generate application passwords for secure API access. You can create and use these from the user profile page in the WordPress admin.
- OAuth: For more advanced use cases, such as integrating with third-party applications, OAuth can be used.
For basic development, using Application Passwords is often sufficient. You can pass your application password as a part of the Authorization header:
Authorization: Basic base64_encode( 'username:application_password' )
9. Using the WordPress REST API for Custom Development
Here are some practical use cases for leveraging the WordPress REST API:
- Headless WordPress: You can use the REST API to serve content to a front-end built with a JavaScript framework like React, Vue, or Angular.
- Mobile Applications: You can build mobile apps that communicate with your WordPress site to display and manage content.
- Integrations: The REST API makes it easy to integrate WordPress with third-party services or APIs. For example, syncing data with external CRM systems, social media platforms, or e-commerce stores.
Conclusion
The WordPress REST API is an essential tool for custom development. Whether you’re building a custom plugin, theme, mobile app, or integrating with other services, it allows you to interact with WordPress content and data in a flexible, scalable way. By mastering how to make GET, POST, PUT, and DELETE requests, you can take full advantage of the REST API to create powerful applications and websites.
