WP REST API v2.0 (WP-API)
Access your WordPress site's data through an easy-to-use HTTP REST API.
The "develop" branch is undergoing substantial changes and is NOT COMPLETE OR STABLE. Read the in-progress documentation to introduce yourself to endpoints, internal patterns, and implementation details.
The "master" branch represents a BETA of our next version release.
The latest stable version is available from the WordPress Plugin Directory.
WordPress is moving towards becoming a fully-fledged application framework, and we need new APIs. This project was born to create an easy-to-use, easy-to-understand and well-tested framework for creating these APIs, plus creating APIs for core.
This plugin provides an easy to use REST API, available via HTTP. Grab your site's data in simple JSON format, including users, posts, taxonomies and more. Retrieving or updating data is as simple as sending a HTTP request.
Want to get your site's posts? Simply send a
GET request to
Update user with ID 4? Send a
POST request to
/wp-json/wp/v2/users/4. Get all
posts with the search term "awesome"?
It's that easy.
WP API exposes a simple yet easy interface to WP Query, the posts API, post meta API, users API, revisions API and many more. Chances are, if you can do it with WordPress, WP API will let you do it.
Check out our documentation for information on what's available in the API and how to use it. We've also got documentation on extending the API with extra data for plugin and theme developers!
There's no fixed timeline for integration into core at this time, but getting closer!
Drop this directory in and activate it. You need to be using pretty permalinks to use the plugin, as it uses custom rewrite rules to power the API.
We take the security of the API extremely seriously. If you think you've found a security issue with the API (whether information disclosure, privilege escalation, or another issue), we'd appreciate responsible disclosure as soon as possible.
To report a security issue, you can either email
file an issue on HackerOne. We will attempt to give an initial
response to security issues within 48 hours at most, however keep in mind that
the team is distributed across various timezones, and delays may occur as we
(Please note: For testing, you should install a copy of the project and WordPress on your own server. Do not test on servers you do not own.)