Base URL

The WordPress API adheres to REST principles and enforces HTTPS for all requests to ensure data security and integrity. HTTP requests are not supported.

All requests are made to the following base URL:

http://yoursite.com/wp-json/wp/v2

Important Notes:

  • Always use https:// for security
  • Replace yoursite.com with your actual website address
  • The /wp/v2 part tells you which version of the API you’re using

Authentication

To use the API, you’ll need to include your API key with the request:

Using Headers

{
  "X-WP-API-Key": "your_api_key"
}

Response Codes

When you make a request, you’ll get back one of these codes:

CodeMeaningWhat to Do
200All good!Your request worked
400Wrong information sentCheck your request details
401Missing/expired API keyGet a new API key
403Not allowedCheck your permissions
404Not foundCheck the URL
429Too many requestsWait and try again
500Server problemContact support

Making Your First Request

Here’s a simple example to get you started:

// Get all your posts
fetch("https://yoursite.com/wp-json/wp/v2/posts", {
  headers: {
    "X-WP-API-Key": "your_api_key",
  },
})
  .then((response) => response.json())
  .then((posts) => console.log(posts));

Best Practices

  1. Always use HTTPS
  2. Keep your API keys secret
  3. Handle errors in your code
  4. Cache responses when possible
  5. Use proper authentication headers

Testing Tools

You can test your API using:

  • The OpenAPI page in your dashboard
  • Postman
  • cURL commands
  • Browser dev tools

Need More Help?

Remember: Start with simple requests and build up to more complex ones as you learn!