New WordPress API Could Make WP Installs into Data Suppliers
WordPress 4.1 will be the first version of WordPress that will have a JSON REST API built into it’s core. This could open up the already flexible platform to yet another purpose. The once “blogger’s ” content management system WordPress is used for static sites, forums, mini social networks, and almost any other function that a website can supply a visitor. The thousands of plugins allow for developer to adapt page and post types to meet the needs of a non developer consumer. Categories and tags organize this content, further plugins or themesd augment how this content is presented. The variations on how a WordPress site can showcase your content to human visitors is nearly limitless. With an API built into WordPress will push your content to non humans. REST API returning JSON are how programmers get systems and applications talking to each other. With WordPress adopting this your content will now live in your database and is ready to feed others.
A whole new life for WordPress may become possible. Managing data meant for developer consumption has long been a strictly programmers game. A JSON REST API enabled with no set up means those that can enter data into WordPress can manage their very own API. WordPress would be used for providing data and data alone.
One example of this in the real world could be a company using a custom post type for the products they make. Add or edit a post when a new post is created or changed. Developers can keep up to date on your products via your WordPress API. All documentation on how to use the API and upgrades are handled by WordPress. The business simply manages posts with no need for development. Just offer the default API end point to developers that are looking to push your product information and half the work is already done.
A similar effect can already be achieved using the already built in XML feed for WordPress. Here is that link: http://antonioortegajr.com/feed/
However the offer of a JSON return is more attractive to many developers as parsing is simpler.
The security of an API for every WordPress install is concerning. Giving a power tool to users that may not fully grasp the possibilities is a little dangerous. If POST, PUT or DELETE methods are enabled the damage that could be done to compromised WordPress install would be awful. Additionally rate limiting, banning abusers, keys, etc have not been fully explained. While I am willing to bet there will be some level of security, the possibilities of security risk or abuse for the API noob looking to launch their very own data stream remain. It’s not hard to envision a WordPress install being compromised and the resources of the unknowing victim being used for unsavory distribution of data or distribution of unsavory data.
WordPress as a blogging platform now accounts for a substantial portion of sites online. many of them are just terrible. In design and content. I know, I have one. The addition of an API capability will lead to to bad APIs. Bad data, re used data, stale data, etc.. Developers looking for quality data feeds will soon have less complaining about no API available, and more complaining nothing but low quality to bad data being al that is available.
You can try the API plugin out until this is built into WordPress Core: https://wordpress.org/plugins/json-rest-api/