plugin-icon

Infospica Headless API

Автор: Infospica·
Transform WordPress into a secure headless CMS with a custom REST API, full CRUD support, CPT integration, and ACF compatibility.
acf
custom api
headless
Рейтинги
Добавить отзыв
Версия
1.0.0
Последние изменения
Mar 24, 2026

Infospica Headless API transforms WordPress into a secure and flexible headless CMS by providing a custom REST API namespace with full CRUD capabilities.

Instead of modifying the default WordPress REST API, this plugin creates an isolated and configurable API layer designed specifically for secure and scalable headless architectures.

Ideal for

  • Headless WordPress (Next.js, Nuxt, React, Vue, Angular)
  • Mobile applications
  • SaaS platforms
  • Custom frontend integrations
  • API-driven architectures

Key Features

  • Custom API namespace with version control
  • Full CRUD endpoints (GET, POST, PUT, PATCH, DELETE)
  • Supports:
    • Pages
    • Posts
    • Custom Post Types
  • Optional ACF field support (if ACF is active)
  • Authentication-aware read and write access
  • Capability-based write protection
  • Built-in pagination support (?page and ?per_page)
  • Clean and intuitive admin settings UI
  • Clean uninstall (removes plugin data and settings)

Security Highlights

  • All API endpoints require authentication
  • Write operations require appropriate WordPress capabilities
  • CSRF protection enforced for cookie-based authentication (nonce validation)
  • Sensitive user data (such as email addresses) is not exposed
  • WooCommerce core pages are automatically excluded from API responses

Authentication

All endpoints require authentication.

Supported authentication methods:

  • WordPress login cookies (browser/admin usage)
    • Write requests require X-WP-Nonce header or _wpnonce parameter
  • Application Passwords (recommended for external applications)
  • Any authentication method that properly sets the current user context

Write operations are additionally restricted by WordPress capabilities (e.g., edit_posts, delete_posts).

Available Endpoints

Base structure:

/wp-json/{namespace}/{version}/

Example:

/wp-json/my-api/v1/

Status

GET /status

Pages

GET /pages GET /pages/{id} POST /pages PUT /pages/{id} PATCH /pages/{id} DELETE /pages/{id}

Posts

GET /posts GET /posts/{id} POST /posts PUT /posts/{id} PATCH /posts/{id} DELETE /posts/{id}

Custom Post Types

GET /{post-type} GET /{post-type}/{id} POST /{post-type} PUT /{post-type}/{id} PATCH /{post-type}/{id} DELETE /{post-type}/{id}

Pagination

All list endpoints support:

?page=1 &per_page=10 (maximum 50)

Example:

/wp-json/my-api/v1/posts?page=2&per_page=5<h3>License</h3>

This plugin is licensed under GPLv2 or later.

Бесплатнов платных тарифах
Начало работы
Устанавливая, вы принимаете условия предоставления услуг WordPress.com и условия стороннего разработчика плагина.
Проверено на
WordPress 6.9.4
Этот плагин можно скачать и использовать при .
Загрузить