You are right, APIs should not expose internal data and structures, but if you depend on APIs not written by you, it will rarely be a good use of your time to develop a different API just feel better about this.
And even if you develop your own API it is going to be hard to use for example something instead of post ids without making the API response even slower. You can probably use some kind symetric “encryption” for that, but I assume 99.9% of the developers will not see the point (I am in the 0.1%, but the reality is that something like that is unlikely to add any significant security for most sites)
Related Posts:
- Store a default value for a transient on plugin activation
- Creating a post with the REST API, curl and oauth returning 401 error
- Does the REST API (official) support custom post types?
- wordpress custom endpoint multiple params
- Continue execution after WP REST API response
- Why is the post meta[] empty when I make a call to the wordpress rest api?
- WordPress Scheduled Event Request Blocking
- Accessing the database from a plugin outside of action hooks
- what is the best practice to add new field to an api route
- Woocommerce api: create product with images – bad request
- wp_remote_get() returns 403 while file_get_contents() does not
- Update results, Before deleting the related category [closed]
- Execute long and heavy processes
- PHP > Scheduled Tasks > Sending daily email with dynamic API variables
- wpdb prepare insert table doesn’t work
- How to set a template with wp_insert_post
- Is it possible to create new user from external form using REST API?
- Cant register rest routs from class instance
- Validate and Sanitize WP REST API Request using WP JSON Schema?
- Set default Database Storage Engine when creating tables with plugins?
- How to clone all WordPress Rest API end points
- How do I make this Metabox show current DB value?
- select a single val though a table in wordpress
- no_rest_route error on custom routes
- Flatten Responses returned via WP REST API via WP_Error for obfuscation
- How do i post data to url with fields?
- wp_update_post gives 500 internal error
- code that I can run, or a plug in to show what sql tables something pulls information from
- Looping through and combining calls to Woocommerce REST API
- get Woocommerce product format json for WP_Query
- How to edit the default database of WordPress [closed]
- base64_encode conflict with convert_smilies in wordpress
- Properly process a custom WP REST API request (Authenticate, Authorize + Validate)?
- How to pass and validate nonce in custom REST routes
- Create custom table for wordpress custom registration flow
- Query posts by custom taxonomy slug in WP REST API?
- oneOf JSON Schema validation not properly working for custom post meta value?
- Authenticate + Authorize WP REST API request before built-in WP JSON Schema Payload Validation?
- Adding Microsoft Teams Incoming Webhook to WordPress, Problem with Rest Route?
- WordPress REST API – Custom field not added to pages
- Should I use spl_autoload_register() in my plugin?
- Using register_activation_hook in classes
- Is there a way for a plugin to add an attribute to the tag of a theme?
- How Do I Add User Custom Field to REST API Response?
- Why WordPress uses 4 tables to manage terms
- My shortcode is showing up twice
- Database “Migration” for Plugins?
- No wp-config.php file on local install of wordpress – site still displays
- How to find the output of contact form 7 shortcode? [closed]
- using woocommerce_template_single_add_to_cart in shop-loop – javascript issues [closed]
- Does wp-cron runs all tasks scheduled at same time together or one after other?
- Will simple function names in a class structure conflict with other plugins?
- WP nonce invalid
- How can i upload images in an admin page?
- Create WP_Query to search for posts by their categories or their parent/child categories
- Retrieve $_POST data submitted from external URL in WordPress(NOT API)
- Reprinting tags with all attributes
- database sent to a JSON file
- Filtering a Database Query
- JSON REST API WordPress only showing first 10 categories
- Blob file download problem
- Hook called before text widget save
- Integrating boxtal PHP library into a custom WordPress Plugin
- Lost in trying to create user database system
- Hooks for post saving make a post-new.php to load latest post’s data
- Add row to custom database Table and delete all rows older than 1 day
- Using flickr api in custom wordpress plugin
- Toolbar Hidden in a Virtual Page
- PHP: $_SESSION destroyed after page reload for my custom session
- Custom Endpoint – Does it possible to use PUT method with WP API Rest?
- Payment field disappears on custom Paypal plugin
- Creating a brand attribute as a variable
- Adding image upload in tag section – WordPress plugin development
- How to Remove Theme Style CSS inside Custom Plugin?
- How to Send Pingbacks for all Posts in WordPress?
- I am having errors with checkout on wordpress
- Error establishing a database connection (configuration)
- How can I update the price when someone enters postcode or zip code in woocommerce checkout page?
- Update user meta when an external link in admin notice is clicked
- Is there an option to execute javascript file only on plugin activation
- How do I remove an action hook inside a class that is called by another class?
- Ajax in a class instantiated via shortcode
- Parsing webhook from Shopify in WordPress
- Multisite and the JSON REST API: How to?
- Shortcode Works for Logged in Users but Not Working for Guest
- Submit to itself don’t work
- WordPress / PhpStorm / XDebug and plugin_dir_path issues
- direct query to post_meta table
- special characters not supporting in wordpress
- How to set max users to 17.000
- See output of a sql query while plugin installation in wordpress
- Why this plugin is not working?
- Permission error on plugin save
- How to execute add_action() function from custom plugin to Crontrol plugin or do_action()?
- Implement OAuth2 in custom plugin
- login redirect based on user role not work as expected
- redirect user from login page if is logged
- How to lock users account until approvation
- Variable ++ in query loop
- External api call using wordpress