[API] How to Add Custom Endpoints to WordPress API

https://artisansweb.net/how-to-add-custom-endpoints-to-wordpress-api/

How to Add Custom Endpoints to WordPress API

Recently I worked on a project where we wanted to use AngularJS on the front end and WordPress as a back end. In order to exchange data between AngularJS and WordPress, we used the WordPress REST API. It was a good experience working with the REST API in WordPress. WordPress provides a very clean and efficient way to start using the REST API. This popular CMS also allows you to build the custom endpoint to send/receive data through it.

In this article, we study how to create a custom endpoint in the WordPress REST API. I am going to build the custom endpoint for the GET and POST request.

Use of WordPress REST API

Everybody knows about the popularity of mobile applications and JavaScript frameworks. While building a mobile application or website using the JavaScript framework you need to interact with the backend for the exchange of data. One can choose any platform like WordPress, Laravel for backend purposes. The only requirement is you should have API endpoints on your platform to interchange data between the frontend and backend. The front-end system gives an API call to the backend. On the backend, we should build a system that receives the API calls and processes it.

Mostly we used two types of requests in API endpoints – GET and POST. While we call API with GET request, API will give in response data from the database or delete the data in the database. In the case of POST requests, we either insert records in the database or check the data against the database. Of course, it’s not a thumb rule. The users can decide how it behaves depends on their requirements.

Authorization Using WordPress REST API

When we start with the REST API, the first thing we need to do is checking an Authorization. It’s the important stuff that validates whether the incoming request is coming from a valid source or not. In each API call, we are supposed to send a unique token which then at the backend will verify. If the token is valid then only API requests should proceed further.

For our tutorial, I consider sending a Basic {token} as an Authorization header where token is a base64 encoded. You should set a random consumer key and consumer secret. In each API request, we send these 2 keys as a token in base64 encoded format.

I am going to use ck_6d2c7a515f1af9ff9a2fe0f58e9509884c9a0961 and cs_73c59e0b31a815a1dcc3e553a3e89a33ab369c1d as consumer key and consumer secret respectively. These are the dummy keys I created. You must create your own keys for your project.

Next, I will define a function that validates the incoming token value. Add the below method in your functions.php file which validates the Authorization token.

The above method receives the Authorization value from the incoming headers and checks it against the defined values. If both values match then it means the request is from valid sources.

Login Using WordPress REST API

We have added a code to validate Authorization. Now, let’s build a custom endpoint for a login system. In the below code, we write an API endpoint that receives user credentials and checks if the passed details are correct or not. You need to add this code in your themes functions.php file.

WordPress provides an action ‘rest_api_init’ using which we can build our custom endpoints. Here I am using the register_rest_route function which produces the above API enpoint as YOUR_SITE_URL/wp-json/api/login.

In our code ‘api’ is the namespace, ‘login’ is the route, a method is ‘POST’ and the callback function is ‘login’. The callback method will have an actual logic.

In order to write a logic for login flow, the POST parameters required are email and password which should be sent from the front end along with the Authorization header. While posting this data, you need to send it in JSON format. For instance, from the VSCode using Rest Client Extension I send the POST request as shown in the screenshot below.

The token value passed in the screenshot is the base64 encoded version of the API keys. You can create it in PHP as follows.

Add the code for the login() method in the functions.php file.

Note: If you received an error like “No route was found matching the URL and request method”, you need to update your permalink.

Upon receiving the ‘true’ value for the ‘success’ key, you can log the user in the frontend application.

Build an Endpoint for GET Request

We have seen how to build custom endpoints for POST requests. Now, let’s look into the GET request endpoint using WordPress REST API. For this, I will write an API that deletes a user. From the front end, you should pass the id of a user as a GET parameter.

This code generates an API endpoint as YOUR_SITE_URL/wp-json/api/delete_user/id. To this endpoint, instead of id you should pass your actual id of a user.

The callback method delete_user will have a following code.

I hope you understand how to build a custom endpoint in WordPress REST API. Please share your thoughts and suggestions in the comment section below.

Related Articles

If you liked this article, then please subscribe to our Youtube Channel for video tutorials.

Post navigation

← How to Display Related Products Using WooCommerce REST APIUsing Cron Schedule in Laravel to Automate Tasks →

1 thought on “How to Add Custom Endpoints to WordPress API”

  1. In the companion YouTube video you require the editing of .htaccess by? adding “SetEnvIf Authorization “(.*)” HTTP_AUTHORIZATION=$1″, is this still required or was that for a previous version of WordPress?Reply

Leave a Reply

Your email address will not be published. Required fields are marked *

Comment

Name *

Email *

Website

Save my name, email, and website in this browser for the next time I comment.

Previous[API] Add a custom endpoint to WordPress REST API with PaginationNext[API] Creating Custom Endpoints for the WordPress REST API

Last updated