-
Notifications
You must be signed in to change notification settings - Fork 1
REST API
Intercessor exposes a REST API under the namespace intercessor/v1. All endpoints require authentication and appropriate capabilities unless noted otherwise.
Base URL: /wp-json/intercessor/v1/
GET /requests
Returns a paginated list of prayer requests. Requires edit_prayers capability.
Parameters: Standard WordPress REST pagination (page, per_page).
GET /requests/{id}
Returns a single prayer request by ID. Requires edit_prayers capability.
POST /requests
Creates a new prayer request. Used by the Prayer Form block for AJAX submissions.
PATCH /requests/{id}/status
Updates the status of a prayer request (approve, reject, mark as spam). Requires edit_prayers capability.
GET /requests/{id}/history
Returns the prayer activity history for a specific request. Requires authentication.
GET /requests/{id}/notes
Returns moderator and prayer notes for a request. Requires edit_prayers capability.
POST /requests/{id}/notes
Adds a new note to a request. Requires edit_prayers capability.
DELETE /requests/{id}/notes/{nid}
Deletes a specific note. Requires edit_prayers capability.
GET /requesters
Returns a list of people who have submitted prayer requests. Requires edit_prayers capability.
The API uses WordPress cookie authentication (for logged-in users in the browser) and nonce verification. For external integrations, use WordPress application passwords or a JWT authentication plugin.
In addition to the REST API, Intercessor uses WordPress AJAX for certain front-end interactions:
| Action | Description |
|---|---|
intercessor_pray |
Record an "I prayed for this" action on the Prayer Wall |
intercessor_update_own_request |
Edit a user's own pending request (Prayer History) |
intercessor_delete_own_request |
Delete a user's own request (Prayer History) |
These are called from the front-end JavaScript and are nonce-protected.