Summery Summery

Check a username for the REST API.

Syntax Syntax

WP_REST_Users_Controller::check_username( string $value, WP_REST_Request $request, string $param )

Description Description

Performs a couple of checks like edit_user() in wp-admin/includes/user.php.

Parameters Parameters


(string) (Required) The username submitted in the request.


(WP_REST_Request) (Required) Full details about the request.


(string) (Required) The parameter name.

Return Return

(string|WP_Error) The sanitized username, if valid, otherwise an error.

Source Source

File: wp-includes/rest-api/endpoints/class-wp-rest-users-controller.php

	public function check_username( $value, $request, $param ) {
		$username = (string) $value;

		if ( ! validate_username( $username ) ) {
			return new WP_Error(
				__( 'This username is invalid because it uses illegal characters. Please enter a valid username.' ),
				array( 'status' => 400 )

		/** This filter is documented in wp-includes/user.php */
		$illegal_logins = (array) apply_filters( 'illegal_user_logins', array() );

		if ( in_array( strtolower( $username ), array_map( 'strtolower', $illegal_logins ), true ) ) {
			return new WP_Error(
				__( 'Sorry, that username is not allowed.' ),
				array( 'status' => 400 )

		return $username;


Changelog Changelog

Version Description
4.7.0 Introduced.


Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.