Joey Kudish Partnership Engineer at Automattic jkudish.com @jkudish
Let's talk about interacting with WordPress from outside of WordPress.
Oh by the way, these slides are at http://slides.jkudish.com/
- json RESTful API
- allows you to integrate data + features from WordPress into any application.
- works with any language/platform as long as it can make HTTP requests.
- works with WordPress.com and Jetpack-enabled WP.org blogs (since 1.9+! now at 2.9.3).
- uses oauth2 for authentication.
- some information queryable without authentication.
- insights/stats into your own app usage.
- user info
- site metadata
- create, edit, delete, find, reblog, and view posts (includes CPTs & post meta)
- create, edit, delete, find, and view comments
- search & related posts
- taxonomies (categories/tags & custom ones too)
- media
- likes & following/subscribing to a blog
- WordPress.com Freshly Pressed content
- notifications
- stats
- WordPress.com reader
- your own app's insights
$client_id = '1';
$client_secret = '##############';
$redirect_url = 'http://wordcampottawaisthebest.com';- done via OAuth2
- authorization_code grant type
- https://public-api.wordpress.com/oauth2/authorize?client\_id=**your\_client\_id**&redirect\_uri=**your\_url**&response\_type=code
- Exchange it for access
$curl = curl_init( "https://public-api.wordpress.com/oauth2/token" );
curl_setopt( $curl, CURLOPT_POST, true );
curl_setopt( $curl, CURLOPT_POSTFIELDSS, array(
'client_id' => $client_id,
'redirect_uri' => $redirect_uri,
'client_secret' => sanitize_key( $_GET['code'] ), // the code we got from the authorization screen
'grant_type' => 'authorization_code',
) );
curl_setopt( $curl, CURLOPT_RETURNTRANSFER, 1 );
$auth = curl_exec( $curl );$secret = json_decode( $auth );
print_r( $secret );{
'access_token' : **YOUR_API_TOKEN**
'blog_id' : 1234
'blog_url' : 'http://mysupercooljetpackblog.com'
'token_type' : 'bearer',
}$access_token = $secret->access_token;
$site_id = $secret->blog_id;Huzzah! authentication is as simple as that...
$options = array(
'http' =>
array(
'ignore_errors' => true,
'header' => array(
'authorization: Bearer ' . **$access_token**,
),
),
);
$context = stream_context_create( $options );
$response = file_get_contents( 'https://public-api.wordpress.com/rest/v1/me', false, $context );
$reponse = json_decode( $response );GET https://public-api.wordpress.com/rest/v1/me
{
"ID": 10916751,
"display_name": "Joey Kudish",
"username": "jkudish",
"email": "[email protected]",
"primary_blog": 21221610,
"token_site_id": false,
"avatar_URL": "https://2.gravatar.com/avatar/e3b86944dc95b3f722798bc3a74fe11d?s=96&d=identicon",
"profile_URL": "http://en.gravatar.com/jkudish",
"verified": true,
"meta": {
"links": {
"self": "https://public-api.wordpress.com/rest/v1/me",
"help": "https://public-api.wordpress.com/rest/v1/me/help",
"site": "https://public-api.wordpress.com/rest/v1/sites/5836086"
}
}
}GET https://public-api.wordpress.com/rest/v1/sites/21221610/themes/mine
(We got the site ID from the primary_blog key from the last response.)
{
"id": "writr",
"screenshot": "https://i2.wp.com/s0.wp.com/wp-content/themes/pub/writr/screenshot.png",
"cost": {
"currency": "USD",
"number": 0,
"display": ""
},
"version": "1.0.8",
"download_url": "https://public-api.wordpress.com/rest/v1/themes/download/writr.zip",
"trending_rank": 62,
"popularity_rank": 66,
"launch_date": "2013-10-31",
"name": "Writr",
"description": "Writr is a minimalist...",
"tags": [ ... ]
}POST https://public-api.wordpress.com/rest/v1/sites/21221610/themes/mine
curl 'https://public-api.wordpress.com/rest/v1/sites/36336212/themes/mine?http_envelope=1&' --data 'theme=twentythirteen'
(auth removed for brevity)
{
"id": "twentythirteen",
"screenshot": "https://i1.wp.com/s0.wp.com/wp-content/themes/pub/twentythirteen/screenshot.png",
"cost": {
"currency": "USD",
"number": 0,
"display": ""
},
"version": "1.2",
"download_url": "",
"trending_rank": 54,
"popularity_rank": 7,
"launch_date": "2013-04-24",
"name": "Twenty Thirteen",
"description": "The 2013 theme ...",
"tags": [ ... ]
}- you don't need to do anything special, just activate the
JSON APImodule (auto-activated by default), - Jetpack sites show up in the OAuth Dialog.
- Jetpack sites have a site ID just like WordPress.com.
- a few endpoints (e.g. reblogging) are WordPress.com only.
- the
/meendpoint always returns the WordPress.com user.
- If you're a WordPress.com VIP client or use Jetpack, you can easily support CPTs and custom metadata in the REST API
- http://wp.me/p2gHKz-OY
- There's 2 filters
rest_api_allowed_post_typesandrest_api_allowed_public_metadata
Try WPCC
- All the docs are at developer.wordpress.com/docs.
- Other resources at developer.wordpress.com.
- Tweet us @AutomatticEng.
- Contact form (we reply within a day usually) developer.wordpress.com/contact.
- Email me directly: [email protected].
- support for publicize (automatic publishing to external services) in the API.
- bring all the endpoints up to par with wp-admin. Everything you can do in wp-admin should be do-able from the API.
- implicit oauth.
- more how-to's and sample apps on the developer site
- CORS support: so that you can build a full JS app without any server-side code or hacky iFrames.
- What do you want to see?
- REST API/Developer resources
- WordPress.com/Jetpack
- WordPress development at large
- Working remotely (and travelling while doing it!)
- Automattic
- Beagles
- Bonus (time permitting): let's create your first app