Book Image

Learning WordPress REST API

By : Sufyan bin Uzayr, Mathew Rooney
Book Image

Learning WordPress REST API

By: Sufyan bin Uzayr, Mathew Rooney

Overview of this book

The WordPress REST API is a recent innovation that has the potential to unlock several new opportunities for WordPress developers. It can help you integrate with technologies outside of WordPress, as well as offer great flexibility when developing themes and plugins for WordPress. As such, the REST API can make developers’ lives easier. The book begins by covering the basics of the REST API and how it can be used along with WordPress. Learn how the REST API interacts with WordPress, allowing you to copy posts and modify post metadata. Move on to get an understanding of taxonomies and user roles are in WordPress and how to use them with the WordPress REST API. Next, find out how to edit and process forms with AJAX and how to create custom routes and functions. You will create a fully-functional single page web app using a WordPress site and the REST API. Lastly, you will see how to deal with the REST API in future versions and will use it to interact it with third-party services. By the end of the book, you will be able to work with the WordPress REST API to build web applications.
Table of Contents (16 chapters)
Learning WordPress REST API
About the Authors
About the Reviewer

Securing a REST API

In order to cover the best ways of securing the REST API, it would be a good idea to start with the standard authentication protocols that make it easy to secure that API. As a general rule it's always better to stick to these common protocols, as custom protocols should only be used in certain situations.

The first protocol to be mentioned is basic authentication with TLS, which is the easiest one to implement given that it requires no additional libraries for proper use as the standard framework contains everything that is needed. The low security level compared to other protocols that this method of authentication offers is probably the biggest drawback, with no advanced options available for using this protocol as only the username and password are encoded in Base64. It is also a requirement to use this method of authentication over a secure connection or TLS encryption, given that the credentials could be easily decoded.

OAuth protocol

OAuth 2.0, which is the next version...