WordPress REST API content endpoints proposed for core

Readers know that the WordPress REST API has had a lot of activity this release cycle. There has been a concerted effort to get the API ready for a core merge in 4.7. The release isn't slated until December, but due to the timelines for feature freezes and testing involved, that means the merge proposal needed to be now.

The content endpoints have been officially proposed for a core merge by team lead Ryan McCue. Here's the key part of the proposal:

For WordPress 4.7 the API team proposes to merge API endpoints for WordPress content types. These endpoints provide machine-readable external access to your WordPress site with a clear, standards-driven interface, allowing new and innovative apps for interacting with your site. These endpoints support all of the following:

  • Content:
    • Posts: Read and write access to all post data, for all types of post-based data, including pages and media.
    • Comments: Read and write access to all comment data. This includes pingbacks and trackbacks.
    • Terms: Read and write access to all term data.
    • Users: Read and write access to all user data. This includes public access to some data for post authors.
    • Meta: Read and write access to metadata for posts, comments, terms, and users, on an opt-in basis from plugins.
  • Management:
    • Settings: Read and write access to settings, on an opt-in basis from plugins and core. This enables API management of key site content values that are technically stored in options, such as site title and byline.
  • Authentication:
    • OAuth 1: Remote authentication via the OAuth 1 protocol.

This merge proposal represents a complete and functional Content API, providing the necessary endpoints for mobile apps and frontends, and lays the groundwork for future releases focused on providing a Management API interface for full site administration.

The proposal requests feedback from core developers at this time, for both the main plugin and the OAuth plugin.

The team working on the REST API has addressed the bulk of the items outlined at the beginning of the cycle for what needed to be accomplished for merge. Importantly, support for settings and meta are included.

There is still a lot to do. Documentation efforts are underway, and various contributors need to review the APIs implementation details. However, feedback from lead developers and core committers has been mostly positive thus far, and the API has its best shot yet for inclusion.

Most of the feedback currently is around OAuth, especially its UI, which was the area that was known to need the greatest amount of work still.

Version 2.0 is now up to Beta 15, which includes the settings and meta changes, so you can test as long as you are up to date on the 2.0 plugin. I know the team is looking forward to people testing and providing feedback on the API as a whole, and the sooner the better, considering there is limited time for drastic changes.

You may be wondering, “What do I use this API for?” It's a good question. And the answer is not simple, because the short version is, “A ton of stuff.” But it's powerful because you, a site owner or developer, can do a lot; and also, application developers can use your site for powerful functionality as well. Aaron Jorbin brainstormed six things he could build if every WordPress site had the core endpoints — all thought of in the span of time it took him to drink one drink.

I believe we'll see people do all sorts of exciting things with the API once the endpoints are in core, just like we've seen with the infrastructure. It absolutely makes a difference for the API to be part of core, versus a standalone plugin, in how it can be utilized and people can benefit from it.