WordPress JSON API restrict to specific domain

More reliable will be allowing specific IP instead of domain using REMOTE_ADDR header. You can use HTTP_REFERRER header but it is not reliable. You can do it via using rest_authentication_errors filter. add_filter( ‘rest_authentication_errors’, ‘wpse150207_filter_incoming_connections’ ); function wpse150207_filter_incoming_connections( $errors ){ $allowed_ips = array( ‘127.0.0.1’ ); $request_server = $_SERVER[‘REMOTE_ADDR’]; if( ! in_array( $request_server, $allowed_ips ) ) return … Read more

wordpress JSONAPI introspector always limits number at 10?

I’m answering my own question because it might be useful to someone else sometime. After reading through the somewhat sparse documentation on the wordpress plugin directory and getting nowhere. I found a variable in the JSON API code here’s how it works PS -1 just mean “all”: $json_api->query->count=-1; $posts = $json_api->introspector->get_posts(array(‘post_type’ => array(‘post’,’tweet’,’gallery’,’video’,’music’), ‘post_parent’ => … Read more

Create a new post from hybrid mobile App in WordPress using JSON API plugin

you can use below plugin for authentication, https://wordpress.org/plugins/jwt-authentication-for-wp-rest-api/ OR you need to implement auth by below methods, https://developer.wordpress.org/rest-api/using-the-rest-api/authentication/ When you send request with username and password, you can get token as a response. Then you need to send this token with each request with header like below for the Authentication purpose, syntax : Authorization : … Read more