Blog / WordPress / WordPress

WordPress Default REST API Endpoints - Complete Reference Guide

Mahesh Mahesh Waghmare
4 min read

WordPress REST API provides default endpoints for posts, pages, users, media, and more. Understanding these endpoints is essential for headless WordPress, mobile apps, and custom integrations.

This comprehensive guide covers all default REST API endpoints with examples and use cases.

Introduction to REST API

WordPress REST API (introduced in WordPress 4.7) provides a JSON-based interface to WordPress data. It enables headless WordPress, mobile apps, and third-party integrations.

Base URL: https://yoursite.com/wp-json/wp/v2/

Key Features:

  • JSON responses
  • RESTful design
  • Authentication support
  • Extensible endpoints
  • Built into WordPress core

Use Cases:

  • Headless WordPress
  • Mobile applications
  • Third-party integrations
  • Custom frontends
  • Content management

Base URL and Structure

Base URL Format

https://yoursite.com/wp-json/wp/v2/

Namespace

  • wp/v2: Default WordPress namespace
  • Custom namespaces: wp-json/your-namespace/v1/

Endpoint Structure

/wp-json/wp/v2/{resource}/{id}

Examples:

  • /wp-json/wp/v2/posts - All posts
  • /wp-json/wp/v2/posts/123 - Specific post
  • /wp-json/wp/v2/users - All users
Advertisement

Posts Endpoints

List Posts

GET /wp-json/wp/v2/posts

Query Parameters:

  • per_page: Number of posts (default: 10)
  • page: Page number
  • search: Search term
  • categories: Category IDs
  • tags: Tag IDs
  • status: Post status

Example:

GET /wp-json/wp/v2/posts?per_page=5&page=1

Response:

[
  {
    "id": 1,
    "title": {"rendered": "Post Title"},
    "content": {"rendered": "Post content..."},
    "excerpt": {"rendered": "Excerpt..."},
    "date": "2024-01-24T12:00:00",
    "slug": "post-slug",
    "status": "publish"
  }
]

Get Single Post

GET /wp-json/wp/v2/posts/{id}

Example:

GET /wp-json/wp/v2/posts/123

Create Post

POST /wp-json/wp/v2/posts

Headers:

Authorization: Bearer {token}
Content-Type: application/json

Body:

{
  "title": "New Post",
  "content": "Post content",
  "status": "publish"
}

Update Post

POST/PUT /wp-json/wp/v2/posts/{id}

Body:

{
  "title": "Updated Title"
}

Delete Post

DELETE /wp-json/wp/v2/posts/{id}

Pages Endpoints

List Pages

GET /wp-json/wp/v2/pages

Same structure as posts endpoint.

Get Single Page

GET /wp-json/wp/v2/pages/{id}

Create/Update/Delete

Same as posts:

  • POST /wp-json/wp/v2/pages - Create
  • POST /wp-json/wp/v2/pages/{id} - Update
  • DELETE /wp-json/wp/v2/pages/{id} - Delete

Users Endpoints

List Users

GET /wp-json/wp/v2/users

Query Parameters:

  • per_page: Number of users
  • roles: User roles
  • search: Search term

Get Single User

GET /wp-json/wp/v2/users/{id}

Response:

{
  "id": 1,
  "name": "John Doe",
  "slug": "john-doe",
  "email": "john@example.com",
  "roles": ["author"]
}

Current User

GET /wp-json/wp/v2/users/me

Returns current authenticated user.

Advertisement

Media Endpoints

List Media

GET /wp-json/wp/v2/media

Get Single Media

GET /wp-json/wp/v2/media/{id}

Upload Media

POST /wp-json/wp/v2/media

Headers:

Content-Disposition: attachment; filename="image.jpg"
Content-Type: image/jpeg

Body: Binary file data

Taxonomies Endpoints

Categories

GET /wp-json/wp/v2/categories GET /wp-json/wp/v2/categories/{id}

Tags

GET /wp-json/wp/v2/tags GET /wp-json/wp/v2/tags/{id}

Custom Taxonomies

GET /wp-json/wp/v2/{taxonomy} GET /wp-json/wp/v2/{taxonomy}/{id}

Authentication

Application Passwords

Create Password:

  1. Users → Profile → Application Passwords
  2. Create new password
  3. Use in Authorization header

Usage:

Authorization: Basic {base64(username:password)}

OAuth

Use OAuth 1.0a for authentication.

Nonce (for logged-in users)

wp_localize_script('script', 'wpApiSettings', [
    'root' => esc_url_raw(rest_url()),
    'nonce' => wp_create_nonce('wp_rest')
]);

Custom Endpoints

Register Custom Endpoint

add_action('rest_api_init', function() {
    register_rest_route('custom/v1', '/data', [
        'methods' => 'GET',
        'callback' => 'get_custom_data',
        'permission_callback' => '__return_true'
    ]);
});

function get_custom_data($request) {
    return new WP_REST_Response(['data' => 'value'], 200);
}

Access: /wp-json/custom/v1/data

Complete Endpoint List

  • /wp-json/wp/v2/posts - Posts
  • /wp-json/wp/v2/pages - Pages
  • /wp-json/wp/v2/users - Users
  • /wp-json/wp/v2/media - Media
  • /wp-json/wp/v2/categories - Categories
  • /wp-json/wp/v2/tags - Tags
  • /wp-json/wp/v2/comments - Comments
  • /wp-json/wp/v2/types - Post types
  • /wp-json/wp/v2/taxonomies - Taxonomies

Conclusion

WordPress REST API provides:

  • Default endpoints for all content types
  • RESTful design with standard HTTP methods
  • Authentication support
  • Extensibility for custom endpoints

Key Points:

  • Base URL: /wp-json/wp/v2/
  • Use appropriate HTTP methods
  • Authenticate for write operations
  • Extend with custom endpoints
  • Follow REST conventions

Understanding WordPress REST API endpoints enables powerful integrations and headless WordPress setups.

Advertisement
#WordPress #REST API #Endpoints #Development #API
Mahesh Waghmare

Written by Mahesh Waghmare

I bridge the gap between WordPress architecture and modern React frontends. Currently building tools for the AI era.

Follow on Twitter

Read Next

AI in Development Workflows - Practical Integration Guide

3 min read

Essential Development Tools Review - 2025 Edition

3 min read

Next.js App Router - Complete Guide to Modern Routing

3 min read