In today's interconnected digital landscape, managing content shouldn't confine you to a single dashboard. Imagine building a custom mobile app that directly publishes to your WordPress site, or automating content updates from a different system. This isn't just a dream; it's entirely possible using the powerful WordPress REST API. This guide will walk you through the process of creating a new WordPress post from a remote website or application.
At its core, the WordPress REST API provides a standardized way for external applications to interact with your WordPress site. It exposes various endpoints (URLs) that correspond to different types of content and functionalities, allowing you to read, create, update, and delete posts, pages, users, and more, all using standard HTTP requests.
Before you can send content to your WordPress site, you need to authenticate your request. For remote applications, the most secure and recommended method is using **Application Passwords**.
1. **Generate an Application Password**: Log into your WordPress admin dashboard, navigate to `Users > Profile`. Scroll down to the "Application Passwords" section. Give your new application password a descriptive name (e.g., "Remote App Publisher") and click "Add New Application Password." WordPress will generate a unique, 24-character password. **Copy this password immediately**, as it will not be displayed again. This password is linked to your user account and inherits its permissions.
2. **Encoding Credentials**: When making an API request, you'll need to send your WordPress username (or the user's email associated with the application password) and the generated application password in the `Authorization` header. This usually involves Base64 encoding the string `username:application_password`. For example, if your username is `admin` and your application password is `xyz123abc`, you'd encode `admin:xyz123abc`.
To create a new post, you'll send an HTTP `POST` request to the dedicated posts endpoint.
* **API Endpoint**: Your WordPress site's URL followed by `/wp-json/wp/v2/posts`.
* Example: `https://yourdomain.com/wp-json/wp/v2/posts`
* **HTTP Method**: `POST`
* **Headers**:
* `Content-Type: application/json`: This tells the API that the body of your request is a JSON object.
* `Authorization: Basic [your_base64_encoded_credentials]`: This is where you insert your encoded username and application password.
* **Request Body (JSON Payload)**: This is the most important part, containing the actual data for your post. It must be a JSON object with at least `title` and `content`.
```json
{
"title": "My Exciting New Blog Post via API",
"content": "This is the amazing content of my remotely created blog post. It can include HTML!",
"status": "publish",
"categories": [2, 5],
"tags": [10, 15],
"author": 1,
"excerpt": "A short summary of the post."
}
```
* `title` (string, required): The title of your post.
* `content` (string, required): The main body of your post. You can include HTML here.
* `status` (string, optional, default: "draft"): Can be "publish", "pending", "draft", "private".
* `categories` (array of integers, optional): An array of category IDs to assign the post to.
* `tags` (array of integers, optional): An array of tag IDs.
* `author` (integer, optional): The ID of the author. Defaults to the authenticated user's ID.
* `excerpt` (string, optional): A brief summary of the post.
While the exact code will vary based on your programming language (e.g., JavaScript with `fetch` or `axios`, Python with `requests`, PHP with `curl`), the conceptual request looks like this:
```
POST /wp-json/wp/v2/posts HTTP/1.1
Host: yourdomain.com
Content-Type: application/json
Authorization: Basic YWRtaW46eHl6MTIzYWJj (example Base64 encoded string)
{
"title": "A Post from My Remote App",
"content": "
Hello, WordPress! This post was sent from a custom application.
","status": "publish"
}
```
Upon a successful `POST` request, the API will return a `201 Created` status code and a JSON object representing the newly created post, including its ID, permalink, and all other associated data. If there's an error (e.g., invalid credentials, missing required fields), you'll receive an appropriate error status code (e.g., 401 Unauthorized, 400 Bad Request) and a JSON object detailing the error.
The WordPress REST API unlocks incredible possibilities for content management beyond the traditional admin panel. By understanding how to authenticate and structure your `POST` requests, you can seamlessly integrate your WordPress site with any external application, custom tool, or automated workflow. Dive in, experiment, and revolutionize the way you publish content!