The REST API can be used directly from the browser using Javascript. If you whitelist the domains you want to use for your application, we will send the correct CORS headers. Both authenticated and unauthenticated calls are supported. To make authenticated requests follow the implicit section of the OAuth documentation to get a user token.

All examples use jQuery.

Unauthenticated Requests

You can make unauthenticated GET requests with no additional work. Just make a simple HTTP request:

jQuery.get( "http://public-api.wordpress.com/rest/v1/sites/en.blog.wordpress.com/", function( response ) { 
    // response contains site information
} );

Authenticated Requests

Whitelist Origins

To make authenticated calls you need to whitelist your domain(s). You can do this while creating or configuring your application with the application manager.

Screen Shot 2014-05-15 at 12.39.29 PM

List one URL per line.

Get/Store User Token

If you don't already have an access token for the user visiting your app - follow the implicit section of the OAuth documentation.

Make the request

When making the request you just need to pass the access token as a header.

jQuery.ajax( {
    url: 'https://public-api.wordpress.com/rest/v1/sites/' + site_id + '/posts/new',
    type: 'POST',
    data: { content: 'testing test' },
    beforeSend : function( xhr ) {
        xhr.setRequestHeader( "Authorization", "BEARER " + access_token );
    },
    success: function( response ) {
        // response
    }
} );