The MainWP API uses REST conventions and returns all data in JSON format. Requests may be made using the HTTPS protocol and must be authenticated using an API key (Bearer token) or Consumer Key and Consumer Secret for Legacy REST API (Version 1).
All MainWP REST API calls, including documentation and examples of each call, are publicly available onPostman.
NOTE: Requires your MainWP Dashboard to be set up on a web host. Locally hosted Dashboards will most likely not be reachable by the REST API requests.
How to enable REST API
To enable the REST API functionality,
Go to WP Admin > Settings > Permalinks Page
Choose any settings except for Plain (this is a WordPress REST API limitation)
Navigate to Dashboard > REST API > Add API Keys page
Enter the desired API key name
Copy the API key (Bearer token) to a safe location.
NOTE: The API key (Bearer token) cannot be revealed after you save the key.
Select the necessary Permissions
Read: necessary for endpoints that use GET method
Write: necessary for endpoints that use PUT method
Delete: necessary for endpoints that use DELETE method
If you want to use Legacy Rest API (Version 1)
Click the Show Legacy API Credentials button
Copy the Consumer Key and Consumer Secret to a safe location.
NOTE: The Consumer Key and Secret cannot be revealed after you create them.Toggle on Enable MainWP REST API v1 Compatibility
Click the Save Settings button.
As long as at least one API key is enabled, the REST API functionality of the Dashboard will be enabled.
REST API Permissions
In version 4.5 of the Dashboard, we’ve added granular permissions to the REST API.
Read permission will allow only actions (endpoints) that use the GET method. API Key, with this permission only, will only be used to return data via REST API.
Write Permission will allow only actions (endpoints) that use POST or PUT method. API Key, with this permission only, will only be used to trigger actions or add/edit data via REST API.
Delete Permission will allow only actions (endpoints) that use the DELETE method. API Key, with this permission only, will only be used to trigger actions that delete data via REST API.
Each Key can have one or more permissions set.
API Keys created before version 4.5 will have all three permissions set. If you need to remove any permissions from your existing keys, you can Edit existing keys and readjust permissions as per your needs.
How to disable REST API
To disable the REST API on your Dashboard, navigate to Dashboard > REST API > Manage API Keys page, and disable any Enabled keys you have.
How to delete REST API Keys
To delete the REST API on your Dashboard, navigate to Dashboard > REST API > Manage API Keys page.
Click the Delete button to delete an individual key, or select multiple keys and then select Delete from the Bulk actions dropdown.
Batch Update Response Handling
When calling the API endpoints to initiate batch updates, the API doesn’t wait for the update process to complete, as this might take a significant amount of time. Instead, the API responds immediately with a confirmation message.
{
"success": 1,
"message": "Batch updates all started successfully.",
"last_time_start_batch_updates": "2024-09-03T16:57:29"
}Ensure you allow sufficient time for the update process to complete and then sync your Dashboard to fetch updated information about available updates.