The WordPress team has announced that they plan to add a REST API to the CMS. This new technology will improve WP’s built-in XML-RPC interface and will allow WordPress developers to create, read, update, and delete data in pages, posts, comments, users, taxonomies and more, via simple HTTP requests.
The idea of a REST API first surfaced during the WordPress Contributor Summit back in 2012 and was quickly put together as the WP REST API (WP API) plugin.
Since the WordPress core team usually tests new features first as plugins before integrating them into the CMS’ core, WP REST API’s name was mentioned countless of times in the past as slated for integration.
While the plugin was never deemed ready enough to be added to the official WordPress core, some developers experimented with it, and some of them even used it in production environments.
The feedback and bugs reported through these projects helped the WP team smooth out various technical and security flaws, and they are now ready to officially announce a more detailed integration plan.
JSON REST API to be added to the core in two phases
So, as the WordPress team is reporting, the implementation of the WP REST API in WordPress will go through two stages.
The first stage will take place with the future release of WordPress 4.4, when developers will add the API’s infrastructure code to the core. This includes code responsible for routing HTTP requests inside the core, and will be the engine which will deal with incoming query requests and also the engine that powers custom APIs built by developers.
The second stage is scheduled for version 4.5 and will deal with API endpoints. The APIs endpoints are where most of the heavy-duty work will be done, and they’ll be responsible for mapping external data to WordPress’ internal make-up.
As WordPress’ team revealed, the second stage is where most privacy and security bugs will probably appear, and can potentially be delayed if it’s not ready in due time.
After the JSON REST API, the WP team plans to move on to work on a new API for adding centralized authentication to WordPress via OAuth.