Word Rest and Play
@codekipple
Carl Hughes
![](https://s3.amazonaws.com/media-p.slid.es/uploads/207713/images/2318359/banner.jpg)
Not to be confused with...
- wordpress.com api (available via jetpack)
- Not open
- Relies on wordpress.com server
- Has provided guidence wp-api during development
![](https://s3.amazonaws.com/media-p.slid.es/uploads/207713/images/2323935/jake-confused.png)
- Unification of the two API's is planned
Beginnings
- Started as a Google Summer of Code project in December 2012 by Ryan McCue
![](https://s3.amazonaws.com/media-p.slid.es/uploads/207713/images/2318365/Screen-Shot-2015-04-03-at-9.25.45-AM-640x291.png)
![](https://s3.amazonaws.com/media-p.slid.es/uploads/207713/images/2318367/Screen-Shot-2015-04-03-at-9.26.21-AM-640x254.png)
![](https://s3.amazonaws.com/media-p.slid.es/uploads/207713/images/2323955/jakehead.png)
Lead developers
- Ryan McCue @rmccue
- Rachel Baker @rachelbaker
![](https://s3.amazonaws.com/media-p.slid.es/uploads/207713/images/2323968/jake-hat.png)
Project goals
- The core API
- API infrastructure
- Core endpoints - Exposing everything in WordPress Core
- Reference clients (php, JS, CLI)
- Authentication schemes (Including oAuth)
- To make minimal breaking changes (only for security issues)
- To last for 10 years
![](https://s3.amazonaws.com/media-p.slid.es/uploads/207713/images/2324153/jake-thinking.png)
Current (old) API's
XML-RPC
- Most powerful API WordPress currently has
- Gives access to everything in admin
- Used by mobile apps
admin-ajax.php
- Very lightweight routing layer
- Anything you build on top is custom
- More of a tool then an API
- used by post autosave
and heatbeat api
![](https://s3.amazonaws.com/media-p.slid.es/uploads/207713/images/2324178/jake-old.png)
API infrastructure
- Added to core WordPress 4.4 (October 2015)
- Foundational layer of the API
- No endpoints
![](https://s3.amazonaws.com/media-p.slid.es/uploads/207713/images/2318533/rest-tool-kit.png)
![](https://s3.amazonaws.com/media-p.slid.es/uploads/207713/images/2324157/jake-balloons.png)
API infrastructure - Who might use it
- Plugin authors who that want their own REST API
- Woocommerce
(currently using an early forked version of WP REST API)
![](https://s3.amazonaws.com/media-p.slid.es/uploads/207713/images/2324152/two-jakes.png)
Core endpoints
- Currently a feature plugin
- Coming to WordPress core soon
![](https://s3.amazonaws.com/media-p.slid.es/uploads/207713/images/2318484/feature-plugin.png)
![](https://s3.amazonaws.com/media-p.slid.es/uploads/207713/images/2318486/landed-features.png)
![](https://s3.amazonaws.com/media-p.slid.es/uploads/207713/images/2324186/jake-arms.png)
Core endpoints - fields
- Consciously renames some WordPress fields for consistency
- Removing eccentricities of WordPress naming
![](https://s3.amazonaws.com/media-p.slid.es/uploads/207713/images/2324050/jake-stretch.png)
![](https://s3.amazonaws.com/media-p.slid.es/uploads/207713/images/2324239/posts.png)
Posts
Core endpoints - fields
![](https://s3.amazonaws.com/media-p.slid.es/uploads/207713/images/2324050/jake-stretch.png)
Comments
![](https://s3.amazonaws.com/media-p.slid.es/uploads/207713/images/2324259/comments.png)
Core endpoints - fields
![](https://s3.amazonaws.com/media-p.slid.es/uploads/207713/images/2324050/jake-stretch.png)
Terms
![](https://s3.amazonaws.com/media-p.slid.es/uploads/207713/images/2324283/terms.png)
Core endpoints - fields
![](https://s3.amazonaws.com/media-p.slid.es/uploads/207713/images/2324050/jake-stretch.png)
Users
![](https://s3.amazonaws.com/media-p.slid.es/uploads/207713/images/2324287/users.png)
Authentication
- oAuth 1.0a
- Not using oAuth 2 because it requires HTTPS
- most WordPress sites don't have SSL
- Requires the installation of oAuth wp plugin
- Is intended for inclusion in core
- Not using oAuth 2 because it requires HTTPS
![](https://s3.amazonaws.com/media-p.slid.es/uploads/207713/images/2324150/Jake_Safety.png)
-
HTTP Basic Authentication
- Useful during development, not intended for production use.
- requires installing either the Basic Auth plugin or Application Passwords plugin
- Is not intended for inclusion in core
Eveloping
- To trigger enveloping, we can append a _envelope parameter to the request URL (i.e. /users/me?_envelope)
- Inspired by technique used on the wordpress.com API
- Always uses 200 status
- Can't trust servers, proxies, HTTP clients
- Some environments block or divert responses with a non 200 HTTP status
- Sneak past proxies
![](https://s3.amazonaws.com/media-p.slid.es/uploads/207713/images/2323838/jake-envelope.jpg)
HTTP/1.1 200 OK
{
"status": 200,
"headers": {
"Location": "http://example.com/wp-json/wp/v2/users/42",
},
"body": {
"id": 42,
...
}
}
Javascript client
![](https://s3.amazonaws.com/media-p.slid.es/uploads/207713/images/2324148/jake-dance.png)
- Uses backbone and underscore included with WordPress
- Backbone Models and Collections for all endpoints exposed by the API Schema.
- Is intended for inclusion in core
- Specifically designed for themes and plugins
- Just an optional addition on top of the API
client-cli
- Integrate with WP-CLI
https://github.com/WP-API/client-cli - Not intended for inclusion in core
Daniel Bachhuber (@danielbachhuber) successfully
funded a kickstarter to overhaul WP-CLI to use the
WP REST API.
-
All WP REST API endpoints registered
via plugins and themes will
automagically be usable as
WP-CLI commands.
![](https://s3.amazonaws.com/media-p.slid.es/uploads/207713/images/2323993/3d-jake.png)
How could this change things?
![](https://s3.amazonaws.com/media-p.slid.es/uploads/207713/images/2324038/jake-fire.png)
Alternative admin UI's
- UI's like wordpress.com calypso
https://developer.wordpress.com/calypso/ - Admins build for singular use cases
(a specialsed media manager)
![](https://s3.amazonaws.com/media-p.slid.es/uploads/207713/images/2323562/calypso.png)
![](https://s3.amazonaws.com/media-p.slid.es/uploads/207713/images/2324007/jake-suite.png)
New developers
- Themes built using front-end frameworks like React and ember
- New developers jumping into the WP ecosystem that don't normally like working WordPress or PHP
![](https://s3.amazonaws.com/media-p.slid.es/uploads/207713/images/2323790/Ember.js_Logo_and_Mascot.png)
![](https://s3.amazonaws.com/media-p.slid.es/uploads/207713/images/2323792/react-logo.png)
![](https://s3.amazonaws.com/media-p.slid.es/uploads/207713/images/2323930/developers.png)
Apps/Multisite
- Native apps that easily share the same data as your WP website
- Multisite without using WP multisite
- Seperation of front-end from the WP powered back-end
![](https://s3.amazonaws.com/media-p.slid.es/uploads/207713/images/2323731/AppStore8_2x.png)
![](https://s3.amazonaws.com/media-p.slid.es/uploads/207713/images/2323742/Android_robot_wave.png)
![](https://s3.amazonaws.com/media-p.slid.es/uploads/207713/images/2324141/jake-phone.jpeg)
Interesting plugins
- leveraging the WP REST API endpoints
- Creating their own endpoints
- Replacing core endpoints?
![](https://s3.amazonaws.com/media-p.slid.es/uploads/207713/images/2324165/jake-snail.png)
Hard to tell where this will lead
- Lots of experimenting and fun
- Developer education of the benifits of REST API's
- Death of WordPress?
![](https://s3.amazonaws.com/media-p.slid.es/uploads/207713/images/2324139/jake-death.png)
Further reading
![](https://s3.amazonaws.com/media-p.slid.es/uploads/207713/images/2323825/jake-book.png)
Thanks
Text
Any questions?
![](https://s3.amazonaws.com/media-p.slid.es/uploads/207713/images/2324023/jake-end.jpg)
Word Rest and Play
By codekipple
Word Rest and Play
- 2,689