Purpose of the Article: To Learn about WordPress Rest APIs
Intended Audience: PHP Developers
Tools and Technology: WordPress
Keywords: WordPress Rest API
What Is API?
APIs are the interfaces that allow two programs to communicate with each other. Your browser requests the web server hosting the site to inter-communicate, whenever you visit that website. The server’s API receives your browser’s request, interprets it, and sends back all the data required to display your site.
What Is a REST API?
All APIs handle requests and return responses, as I have explained. This means a client requests an action from the API, and the API executes that request. Each API performs this action differently. Using simple HTML methods (or commands), REST APIs are designed to receive and respond to specific types of requests.
These are some of the most important and basic HTML methods that a client can send:
GET: This command retrieves a resource from a server (for example, data).
- To fetch a list of published pages on your site
- To fetch the latest posts on your site
POST: With this, the client requests for a resource on the server.
- To add a post to your website
POST – https://website.com/wp-json/wp/v2/posts/
- To add a page to your website
PUT: The PUT command lets you edit or update resources that already exist on the server.
- Take the example of the number of draft posts on your site. You want to make one of them public. To begin, get a list of the draft posts:
- There is a list of all current draft posts on the website. To change the status of one of them, use its ID:
DELETE: As the name implies, this removes a resource from the server.
- When you use it to delete a post, it will put it in trash instead of permanently deleting it. To put it simply, if you wanted to move the post you just created to trash, you would use this:
Authentication With the WordPress REST API:
WordPress’ REST API offers several options for authentication, each with a specific purpose.
- Basic Authentication
- OAuth Authentication
- Cookie Authentication
Basic authentication refers to HTTP authentication in which credentials are sent along with the request.
Postman is a powerful tool for connecting to, testing, and working with any API. To authenticate your request, go to the Authorization tab below the address bar:
Authenticated requests can be sent by clicking the Authorization button below the address bar:
After updating the authentication the Headers tab will now include a header field for the encoded username/password string.
- Traditionally, authentication involves two entities: the client and the resource/service provider.
- Clients will be web applications, services or users, whereas Resource/Service Providers will have access to the desired resources or services.
- A Client authenticates itself with the Resource Provider by providing appropriate credentials. While this is a simple process, a security breach is possible.
To disable the WordPress REST API:
You can include code in a theme’s functions file or create your plugin. As this isn’t theme-specific functionality, creating a plugin is better –
Just include the following lines:
add_filter( ‘json_enabled’, ‘__return_false’ );
add_filter( ‘json_jsonp_enabled’, ‘__return_false’ );
To enable REST API to custom post type:
Add this line while creating postype.
“show_in_rest” = true;
Advantages of WordPress REST API:
It is even possible to create web apps with the Backbone model and AngularJS that allow them to manipulate data on the site.
Below are some examples of WordPress REST API implementations:
- Single Page Applications
- Mobile Apps
- Server-Side Platforms