📚 WordPress REST API Endpoints Reference

🚀 Quick Navigation

📝 Posts

📄 Pages

🖼️ Media

👤 Users

💬 Comments

📁 Categories

🏷️ Tags

⚙️ Custom Types

🌐 Base URL Structure

# Standard WordPress installation
https://yourdomain.com/wp-json/wp/v2/

# Subdirectory installation
https://yourdomain.com/wordpress/wp-json/wp/v2/

# Custom namespace for custom endpoints
https://yourdomain.com/wp-json/custom/v1/

🔐 Authentication Methods

// 1. Cookie Authentication (for logged-in users)
fetch('/wp-json/wp/v2/posts', {
    credentials: 'include'
});

// 2. Application Passwords (WordPress 5.6+)
fetch('/wp-json/wp/v2/posts', {
    headers: {
        'Authorization': 'Basic ' + btoa('username:application-password')
    }
});

// 3. JWT Authentication (requires plugin)
fetch('/wp-json/wp/v2/posts', {
    headers: {
        'Authorization': 'Bearer YOUR_JWT_TOKEN'
    }
});

// 4. OAuth (requires plugin)
fetch('/wp-json/wp/v2/posts', {
    headers: {
        'Authorization': 'Bearer YOUR_OAUTH_TOKEN'
    }
});

📝 Posts Endpoints

GET /wp/v2/posts

Retrieve a collection of posts

Parameter	Type	Description	Required
page	integer	Current page of the collection	Optional
per_page	integer	Maximum items per page (1-100)	Optional
search	string	Search term	Optional
orderby	string	Sort collection by (date, relevance, id, title, slug)	Optional
order	string	Order direction (asc, desc)	Optional
status	string	Post status (publish, draft, private)	Optional
categories	array	Filter by category IDs	Optional
tags	array	Filter by tag IDs	Optional
author	integer	Filter by author ID	Optional

// Example: Get recent posts with pagination
fetch('https://example.com/wp-json/wp/v2/posts?per_page=10&page=1')
    .then(response => response.json())
    .then(posts => console.log(posts));

// Example: Search posts by term
fetch('https://example.com/wp-json/wp/v2/posts?search=wordpress')

GET /wp/v2/posts/{id}

Retrieve a single post by ID

Parameter	Type	Description	Required
id	integer	Post ID	Required
context	string	Scope (view, embed, edit)	Optional

{
  "id": 123,
  "date": "2024-01-15T10:00:00",
  "slug": "hello-world",
  "status": "publish",
  "title": {
    "rendered": "Hello World"
  },
  "content": {
    "rendered": "<p>Welcome to WordPress...</p>"
  },
  "author": 1,
  "categories": [1, 3],
  "tags": [5, 8]
}

POST /wp/v2/posts

Create a new post (requires authentication)

Parameter	Type	Description	Required
title	string	Post title	Required
content	string	Post content	Required
status	string	Post status (publish, draft, private)	Optional
categories	array	Category IDs	Optional
tags	array	Tag IDs	Optional
featured_media	integer	Featured image ID	Optional

// Create a new post
fetch('https://example.com/wp-json/wp/v2/posts', {
    method: 'POST',
    headers: {
        'Content-Type': 'application/json',
        'Authorization': 'Bearer YOUR_TOKEN'
    },
    body: JSON.stringify({
        title: 'My New Post',
        content: 'This is the post content',
        status: 'publish',
        categories: [1, 2],
        tags: [3, 4]
    })
});

PUT /wp/v2/posts/{id}

Update an existing post

// Update post title and content
fetch('https://example.com/wp-json/wp/v2/posts/123', {
    method: 'PUT',
    headers: {
        'Content-Type': 'application/json',
        'Authorization': 'Bearer YOUR_TOKEN'
    },
    body: JSON.stringify({
        title: 'Updated Title',
        content: 'Updated content'
    })
});

DELETE /wp/v2/posts/{id}

Delete a post (move to trash or permanently)

Parameter	Type	Description	Required
force	boolean	Skip trash and permanently delete	Optional

// Move to trash
fetch('https://example.com/wp-json/wp/v2/posts/123', {
    method: 'DELETE',
    headers: { 'Authorization': 'Bearer YOUR_TOKEN' }
});

// Permanently delete
fetch('https://example.com/wp-json/wp/v2/posts/123?force=true', {
    method: 'DELETE',
    headers: { 'Authorization': 'Bearer YOUR_TOKEN' }
});

🖼️ Media Endpoints

GET /wp/v2/media

Retrieve media attachments

Parameter	Type	Description	Required
media_type	string	Filter by type (image, video, audio, application)	Optional
mime_type	string	Filter by MIME type	Optional

{
  "id": 456,
  "title": {
    "rendered": "My Image"
  },
  "source_url": "https://example.com/wp-content/uploads/2024/01/image.jpg",
  "media_details": {
    "width": 1920,
    "height": 1080,
    "sizes": {
      "thumbnail": {
        "source_url": "https://example.com/.../image-150x150.jpg"
      },
      "medium": {
        "source_url": "https://example.com/.../image-300x169.jpg"
      }
    }
  }
}

POST /wp/v2/media

Upload new media file

// Upload image file
const formData = new FormData();
formData.append('file', fileInput.files[0]);
formData.append('title', 'My Image Title');
formData.append('caption', 'Image caption');

fetch('https://example.com/wp-json/wp/v2/media', {
    method: 'POST',
    headers: {
        'Authorization': 'Bearer YOUR_TOKEN'
    },
    body: formData
});

👤 Users Endpoints

GET /wp/v2/users

Retrieve users list

Parameter	Type	Description	Required
roles	array	Filter by role (administrator, editor, author, contributor, subscriber)	Optional
who	string	Type of users (authors)	Optional

GET /wp/v2/users/me

Get current authenticated user

// Get current user info
fetch('https://example.com/wp-json/wp/v2/users/me', {
    headers: {
        'Authorization': 'Bearer YOUR_TOKEN'
    }
});

POST /wp/v2/users

Create new user (requires admin authentication)

Parameter	Type	Description	Required
username	string	Login username	Required
email	string	Email address	Required
password	string	User password	Required
roles	array	User roles	Optional

💬 Comments Endpoints

GET /wp/v2/comments

Retrieve comments

Parameter	Type	Description	Required
post	integer	Filter by post ID	Optional
status	string	Comment status (approve, hold, spam, trash)	Optional
author	integer	Filter by author ID	Optional

POST /wp/v2/comments

Create new comment

// Submit a comment
fetch('https://example.com/wp-json/wp/v2/comments', {
    method: 'POST',
    headers: {
        'Content-Type': 'application/json'
    },
    body: JSON.stringify({
        post: 123,
        content: 'Great article!',
        author_name: 'John Doe',
        author_email: 'john@example.com'
    })
});

📁 Categories & Tags

GET /wp/v2/categories

Retrieve categories

// Get all categories
fetch('https://example.com/wp-json/wp/v2/categories')

// Get posts in specific category
fetch('https://example.com/wp-json/wp/v2/posts?categories=5')

GET /wp/v2/tags

Retrieve tags

// Get all tags
fetch('https://example.com/wp-json/wp/v2/tags')

// Create new tag (requires auth)
fetch('https://example.com/wp-json/wp/v2/tags', {
    method: 'POST',
    headers: {
        'Content-Type': 'application/json',
        'Authorization': 'Bearer YOUR_TOKEN'
    },
    body: JSON.stringify({
        name: 'New Tag',
        slug: 'new-tag'
    })
});

📄 Pages Endpoints

GET /wp/v2/pages

Retrieve pages (similar to posts endpoints)

// Get all pages
fetch('https://example.com/wp-json/wp/v2/pages')

// Get page by slug
fetch('https://example.com/wp-json/wp/v2/pages?slug=about-us')

// Get child pages
fetch('https://example.com/wp-json/wp/v2/pages?parent=10')

⚙️ Custom Post Types & Endpoints

GET /wp/v2/{post_type}

Access custom post types registered with REST API support

// Example: Products custom post type
fetch('https://example.com/wp-json/wp/v2/products')

// Example: Portfolio items
fetch('https://example.com/wp-json/wp/v2/portfolio')

// Register custom post type with REST support (PHP)
register_post_type('products', [
    'show_in_rest' => true,
    'rest_base' => 'products',
    'rest_controller_class' => 'WP_REST_Posts_Controller'
]);

GET /wp/v2/types

Get all registered post types

// Discover available post types
fetch('https://example.com/wp-json/wp/v2/types')
    .then(response => response.json())
    .then(types => {
        console.log('Available types:', Object.keys(types));
    });

💡 Pro Tips & Advanced Features

Embedding: Add _embed parameter to include linked resources in response
Field Filtering: Use _fields parameter to limit response fields: ?_fields=id,title,content
Custom Fields: Access meta fields with meta property (requires registration)
Pagination Headers: Check X-WP-Total and X-WP-TotalPages headers
Discovery: Use /wp-json to discover all available routes
CORS: Configure CORS headers for cross-origin requests
Rate Limiting: Implement rate limiting for production APIs
Caching: Use HTTP caching headers for better performance

🎯 Common Query Examples

// Get posts with multiple filters
'/wp/v2/posts?categories=5&tags=10,15&author=1&per_page=20'

// Search across multiple post types
'/wp/v2/search?search=keyword&type=post&subtype=post,page'

// Get posts with embedded author and categories
'/wp/v2/posts?_embed&per_page=10'

// Get only specific fields to reduce payload
'/wp/v2/posts?_fields=id,title,excerpt,link'

// Get posts from last 30 days
'/wp/v2/posts?after=2024-01-01T00:00:00'

// Exclude specific posts
'/wp/v2/posts?exclude=1,2,3'

// Get sticky posts only
'/wp/v2/posts?sticky=true'

// Order by menu order (for pages)
'/wp/v2/pages?orderby=menu_order&order=asc'

⚠️ Common Error Responses

// 401 Unauthorized
{
    "code": "rest_forbidden",
    "message": "Sorry, you are not allowed to do that.",
    "data": { "status": 401 }
}

// 404 Not Found
{
    "code": "rest_post_invalid_id",
    "message": "Invalid post ID.",
    "data": { "status": 404 }
}

// 400 Bad Request
{
    "code": "rest_invalid_param",
    "message": "Invalid parameter(s): per_page",
    "data": { "status": 400 }
}

📚 WordPress REST API Endpoints Reference 📥 Print/Save as PDF