API Keys

​

Managing Your API Keys

API keys are like special passwords that let your applications safely connect to your WordPress site. This page helps you create and manage these keys.

On this page you can:

• See all your API keys
• Create new keys
• Change key permissions
• Remove old keys you don’t need
• See when each key was last used

​

Creating a New API Key

To create a new API key:

1. Click the Generate API Key button
2. Fill in these details:
   • Name (like “My Mobile App” or “Website Backend”)
   • Description (what this key is for)
   • Choose permissions:
     • Read Only (can only view things)
     • Read and Write (can view and change things)
     • Full Access (can do everything)

​

Using Your API Keys

Use your API keys when connecting to your site:

​

Using Headers

fetch("https://yoursite.com/wp-json/wp/v2/posts", {
  headers: {
    "X-WP-API-Key": "your_api_key",
  },
});

​

Keeping Your Keys Safe

Think of API keys like house keys - you need to keep them safe!

Here’s how:

1. Never share your API secrets with anyone
2. Use HTTPS for all connections
3. Create different keys for different projects
4. Remove keys you’re not using anymore
5. Don’t put API keys in public code

​

Need Help?

If you’re having trouble:

1. Make sure you’re using the right key
2. Check if the key has the right permissions
3. Try creating a new key
4. Contact our support team

Remember: Keep your API secrets private and secure - they’re the keys to your WordPress site!

​

Example: Testing Your API Key

Here’s a simple way to test if your API key works:

// Replace with your site's address and API keys
const response = await fetch("https://yoursite.com/wp-json/wp/v2/posts", {
  headers: {
    "X-WP-API-Key": "your_api_key",
    "X-WP-API-Secret": "your_api_secret",
  },
});

const posts = await response.json();

If it works, you’ll see your posts. If not, double-check your keys and permissions.