Developers use the WordPress.com API to build external apps and integrate WordPress.com site content into a wide variety of external platforms.
WordPress REST API #
All WordPress.com sites, including VIP sites, feature the WordPress REST API. This is the recommended API for all integrations and features methods for handling posts, users, categories, tags and much more. Authentication is handled using OAuth. A great way to begin exploring the REST API is to check out the developer console.
N.B. the VIP site theme does not load for a REST API request on your sites data, this means that any filters or actions you hook from your VIP theme will not have any effect on API responses.
All WordPress.com sites, including VIP sites, also have an XML-RPC endpoint enabled at
/xmlrpc.php. Though it is required by certain legacy apps, we strongly urge the use of the REST API for all new development. Additional information on XML-PRC support is available here and here.
Note: XML-RPC requests that lack a user agent are blocked on WordPress.com.
Can REST or XML-RPC be disabled? #
No. These are enabled and secure for all WordPress.com sites, including VIP sites.