AgentSkillsCN

wordpress-api

WordPress REST API 模式与应用密码认证

SKILL.md
--- frontmatter
name: wordpress-api
description: WordPress REST API patterns and Application Password authentication
user-invocable: false

WordPress REST API Reference

Authentication

Application Password (Recommended)

  1. Go to WordPress Admin → Users → Profile
  2. Scroll to "Application Passwords"
  3. Enter name, click "Add New Application Password"
  4. Copy password and REMOVE ALL SPACES
code
WordPress shows: cUAn CKZ1 u5DN IkpS bMra FCWL
Must use:       cUAnCKZ1u5DNIkpSbMraFCWL

HTTP Basic Auth

typescript
const auth = btoa(`${username}:${passwordNoSpaces}`);
fetch(url, {
  headers: {
    'Authorization': `Basic ${auth}`
  }
});

API Endpoints

Base: https://your-site.com/wp-json/wp/v2

Posts

MethodEndpointDescription
GET/postsList posts
GET/posts/{id}Get single post
POST/postsCreate post
PUT/posts/{id}Update post
DELETE/posts/{id}Delete post

Pages

MethodEndpointDescription
GET/pagesList pages
GET/pages/{id}Get single page
POST/pagesCreate page
PUT/pages/{id}Update page
DELETE/pages/{id}Delete page

Media

MethodEndpointDescription
GET/mediaList media
GET/media/{id}Get single media
POST/mediaUpload media
DELETE/media/{id}Delete media

Request Parameters

Pagination

code
?per_page=10&page=1

Filtering

code
?status=publish
?search=keyword
?categories=1,2,3

Ordering

code
?orderby=date&order=desc

Response Format

Post Object

json
{
  "id": 123,
  "date": "2024-01-01T12:00:00",
  "title": { "rendered": "Post Title" },
  "content": { "rendered": "<p>Content</p>" },
  "excerpt": { "rendered": "<p>Excerpt</p>" },
  "status": "publish",
  "link": "https://site.com/post-slug/",
  "featured_media": 0
}

Media Object

json
{
  "id": 456,
  "date": "2024-01-01T12:00:00",
  "title": { "rendered": "Image Title" },
  "source_url": "https://site.com/wp-content/uploads/image.jpg",
  "media_type": "image",
  "mime_type": "image/jpeg"
}

Common Errors

401 Unauthorized

  • Application Password has spaces → Remove all spaces
  • Wrong username → Check username (not email)
  • Password revoked → Generate new Application Password

403 Forbidden

  • User lacks capability → Check user role
  • REST API disabled → Check site settings

404 Not Found

  • Wrong endpoint → Check URL structure
  • Post doesn't exist → Verify ID

Upload Media

From URL

typescript
// 1. Fetch image from URL
const response = await fetch(imageUrl);
const blob = await response.blob();

// 2. Upload to WordPress
const formData = new FormData();
formData.append('file', blob, 'filename.jpg');

await fetch(`${wpUrl}/wp-json/wp/v2/media`, {
  method: 'POST',
  headers: { 'Authorization': `Basic ${auth}` },
  body: formData
});

From Base64

typescript
// 1. Convert base64 to blob
const binary = atob(base64Data);
const bytes = new Uint8Array(binary.length);
for (let i = 0; i < binary.length; i++) {
  bytes[i] = binary.charCodeAt(i);
}
const blob = new Blob([bytes], { type: mimeType });

// 2. Upload to WordPress
const formData = new FormData();
formData.append('file', blob, fileName);
// ... same as above