Can’t use /wp-json/wp/v2/plugins API endpoint even as administrator

SUGGESTIONS I suggest the following: first ensure you are running WordPress version 5.5.* as this version adds the endpoints for /wp/v2/plugins see: New and modified REST API endpoints in WordPress 5.5 using basic authentication issue a request as per the following using curl curl –user username:password https://example.com/wp-json The first request should succeed regardless because it … Read more

Dynamic URL, not a physical page within the database

add_rewrite_rule can help you sniff the request and let you handle it however you want. if( ! class_exists(‘PropertiesEndpoint’)): class PropertiesEndpoint { // WordPress hooks public function init() { add_filter(‘query_vars’, array($this, ‘add_query_vars’), 0); add_action(‘parse_request’, array($this, ‘sniff_requests’), 0); add_action(‘init’, array($this, ‘add_endpoint’), 0); } // Add public query vars public function add_query_vars($vars) { $vars[] = ‘__properties’; $vars[] = … Read more

How to add a custom parameter to a WP API default route?

After a lot of digging I seem to have found a solution myself, and a pretty powerful one, which makes use of a rest_{ post_type }_query filter (replace the { post_type } part with the slug of your custom post type. You can use rest_post_query to alter the default /wp-json/wp/v2/posts request): public function __construct() { … Read more

Basic WordPress AJAX Call

WordPress AJAX uses actions to connect your jQuery action with a traditional WordPress action. Take a look at the example WordPress provides in their docs. There’s 2 hooks: add_action( “wp_ajax_{$jquery_action_string}”, “callback_function_name” ); The above will only work for authenticated ( logged in ) users. For non-logged-in users we use nopriv: add_action( “wp_ajax_nopriv_{$jquery_action_string}”, “callback_function_name” ); So … Read more

Customizer JS API: Defining control settings

Settings must be registered in PHP one way or another. If you don’t register them statically via $wp_customize->add_setting() calls, you will have to register dynamic recognition of them via the customize_dynamic_setting_args filter. Why? In order for a setting to be safely stored it must be sanitized and validated by the server. Relying on client-side sanitization … Read more