When registering a route with register_rest_route() you can provide a permission_callback which is a function that checks whether the user has permission to use the endpoint. If only Administrator users should be able to use the endpoint then you can check for the manage_options capability in the callback, like this: register_rest_route( ‘myplugin/v1’, ‘update-rmp”, array( ‘permission_callback’ … Read more
WordPress json – How to use the content rendered from json
REST API – Authentication/Logon security
How can I set the default ‘orderby’ and ‘order’ parameters for a REST API call?
Customizer Changeset, Sidebar and Rest API Custom Endpoints
Some hosts will use a page cache for API routes to deal with this kind of problem. My initial thought would be to look at something like Cloudflare (they have some WordPress presets too) that would allow you to set up this kind of page cache for these API routes. Interested to know how you … Read more
@TomJNowell pointed you the way to go. You have to enqueue a JS file, and within this JS file you can use any technique to do the REST request, like an XMLHttpRequest object or the fetch API. The REST API itself, of course, is part of WordPress, and defined with register_rest_route(). It is also something … Read more
Turn out it is caused by a BOM character from one of my included file. If you are having same problem, you can save your file to Encode in UTF8 without BOM.
Get custom data from the user REST API endpoint
Cant POST with REST API on WordPress