Description
JSON API User extends the JSON API Plugin with a new Controller to allow RESTful user registration, authentication, password reset, RESTful Facebook Login, RESTful User Meta and BuddyPress xProfile get and update methods. This plugin is for WordPress/Mobile app developers who want to use WordPress as mobile app data backend.
JSON API Plugin, that is required, was closed on August 7, 2019 from WordPress repository. You can download JSON API Plugin from https://github.com/PI-Media/json-api until it is republished and available on WordPress.
Features include:
- Generate Auth Cookie for user authentication
- Validate Auth Cookie
- RESTful User Registration
- RESTful Facebook Login/Registration with valid access_token
- RESTful BuddyPress xProfile fields update
- Get User Meta and xProfile fields
- Update User Meta and xProfile fields
- Delete User Meta
- Password Reset
- Get Avatar
- Get User Info
- Post Comment
The plugin was created for mobile apps integration with the web app using WordPress as backend for all the data. WordPress helped in putting together the web app quickly and then Mobile iOS and Android apps were integrated via this plugin. There were some app specific customized methods which are not included but rest have been made generic for community usage.
My other JSON API Auth plugin has also been integrated with this plugin from version 1.1 because most endpoints required user authentication via cookie for data update.
Pro Version – JSON API User Plus
A pro version of this plugin, JSON API User Plus, is available here https://www.parorrey.com/solutions/json-api-user-plus/ that supports BuddyPress Messages component, BuddyPress avatar upload, BuddyPress Extended Profile, BuddyPress Groups, BuddyPress Friends, BuddyPress Activity, BuddyPress Notifications, BuddyPres Settings and other BuddyPress related functions to integrate BuddyPress features in your mobile app via REST api.
JSON API User Plus includes API key which protects and restricts the endpoint calls. This key can be updated from Settings > User Plus options page. Your app must include this key with every call to get the data from REST API. Please see documentation for calling endpoints examples for ‘JSON API User Plus’.
JSON API User Plus features include:
- Generate Auth Cookie for user authentication
- Validate Auth Cookie
- RESTful User Registration
- RESTful Facebook Login/Registration with valid access_token
- RESTful BuddyPress xProfile fields update
- Get User Meta and xProfile fields
- Update User Meta and xProfile fields
- Delete User Meta
- Password Reset
- Get/Upload Avatar
- Get User Info
- Post Comment
- Add Post, Update Post, Delete Post
- Add/Edit/Delete Custom Post Type, Custom Fields
- Search User
- BuddyPress Activities
- BuddyPress Members
- BuddyPress Friends
- BuddyPress Notifications
- BuddyPress Settings
- & many more
Screenshots
Call to generate_auth_cookie endpoint using Postman 
Call to get_currentuserinfo endpoint using Postman 
Call to validate_auth_cookie endpoint using Postman
Installation
First you have to install the JSON API for WordPress Plugin (https://www.ads-software.com/extend/plugins/json-api/installation/).
To install JSON API User just follow these steps:
- Upload the folder “json-api-user” to your WordPress plugin folder (/wp-content/plugins)
- Activate the plugin through the ‘Plugins’ menu in WordPress or by using the link provided by the plugin installer
- Activate the controller through the JSON API menu found in the WordPress admin center (Settings -> JSON API)
FAQ
-
There are following methods available: register, get_avatar, get_userinfo, retrieve_password, validate_auth_cookie, generate_auth_cookie, get_currentuserinfo, get_user_meta, update_user_meta, delete_user_meta, xprofile, xprofile_update, fb_connect
-
nonce can be created by calling if you are registering user. https://localhost/api/get_nonce/?controller=user&method=register
-
You can then use ‘nonce’ value to register user.
-
Always use POST method and not GET method to submit data, following url examples of GET method are only for demonstration purposes.
-
Method: info
-
https://localhost/api/user/info/
This returns plugin version.
-
Method: register
-
https://localhost/api/user/register/?username=john&[email protected]&nonce=8bdfeb4e16&display_name=John¬ify=both
To register user & get valid cookie for 100 seconds:
https://localhost/api/user/register/?username=john&[email protected]&display_name=John¬ify=both&seconds=100Optional fields: ‘user_pass’, ‘user_nicename’, ‘user_url’, ‘nickname’, ‘first_name’, ‘last_name’, ‘description’, ‘rich_editing’, ‘user_registered’, ‘jabber’, ‘aim’, ‘yim’, ‘comment_shortcuts’, ‘admin_color’, ‘use_ssl’, ‘show_admin_bar_front’.
Please make sure you provide valid values that these fields expect in correct format.
To disbale registration email notification to user:
https://localhost/api/user/register/?username=john&[email protected]&nonce=8bdfeb4e16&display_name=John¬ify=no
To register with user provided password:
https://localhost/api/user/register/?username=john&[email protected]&nonce=8bdfeb4e16&display_name=John¬ify=both&user_pass=YOUR-PASSWORD
To add custom fields for user profile, send ‘custom_fields’ named associative array, populated with standard ‘meta_key’ as index and ‘meta_value’ as its value. For example, you need to add address and phone for any user, populate custom_fields[address] index with address value and custom_fields[phone] with hpone value.
You can add any number of custom fields. These are stored as meta_key and meta_value in user_meta WordPress table. You can access these values in WordPress using get_user_meta() fucntion.
You can also get these values with get_user_meta endpoint, see below this endpoint documentation.
-
Method: fb_connect
-
It needs valid ‘access_token’ var.
https://localhost/api/user/fb_connect/?access_token=CAACEdEose0cBADLKmcHWOZCnW4RGU8emG
Provide valid access_token with email extended permission. To generate test access_token, try this tool https://developers.facebook.com/tools/explorer/ and select the app from above drop down that you want to get access_token (You must have joined that app already with email permission to generate access_token) for and then select email from the fields. By default, only ‘id’ and ‘name’ are added but you need to include ’email’ for user identification.
You will have to first allow extended permission for email in the app joining screen. Please note that above tool is only for testing, you generate valid access_token using the Graph API in your app. You should know Facebook Graph API to use this endpoint.
-
It needs ‘cookie’ var.
https://localhost/api/user/validate_auth_cookie/?cookie=admin|43089754375034fjwfn39u8
-
It needs
username,passwordvars.secondsis optional.First get the nonce: https://localhost/api/get_nonce/?controller=user&method=generate_auth_cookie
Then generate cookie: https://localhost/api/user/generate_auth_cookie/?username=john&password=PASSWORD-HERE
Optional ‘seconds’ var. It provided, generated cookie will be valid for that many seconds, otherwise default is for 14 days.
generate cookie for 1 minute: https://localhost/api/user/generate_auth_cookie/?username=john&password=PASSWORD-HERE&seconds=60
60 means 1 minute.
-
Method: delete_user_meta
-
It needs ‘cookie’ and ‘meta_key’ var and ‘meta_value’ to delete.
https://localhost/api/user/delete_user_meta/?cookie=COOKIE-HERE&meta_key=KEY-HERE&meta_value=VALUE-HERE
-
Method: update_user_meta
-
It needs ‘cookie’ and ‘meta_key’ var and ‘meta_value’ to update. You must include a ‘meta_value’ var in your request. If you have multiple values for any meta_key, you must send it as an array meta_value[] in POST method.
https://localhost/api/user/update_user_meta/?cookie=COOKIE-HERE&meta_key=KEY-HERE&meta_value=VALUE-HERE
-
Method: update_user_meta_vars
-
It needs ‘cookie’ and any user meta variables. This endpoint allows you cut http requests if you have to add/update more than one user_meta field at a time.
https://localhost/api/user/update_user_meta_vars/
In the above endpoint use custom_fields[‘website’]=domain.com, custom_fields[‘city’]=NYC, custom_fields[‘country’]=USA as meta_key for WordPress user_meta values using POST method.
If you have multiple values for any variable, you must send it as an array i.e. variable_name[] in POST method. For instance, you have skills variable with multiple values, you will send a custom_fields[‘skills’][] array with its values using POST method.
-
Method: get_user_meta
-
It needs ‘user_id’. ‘meta_key’ var is optional.
https://localhost/api/user/get_user_meta/?cookie=COOKIE-HERE&meta_key=KEY-HERE
-
Method: xprofile
-
It needs ‘user_id’ and any profile ‘field’ var.
https://localhost/api/user/xprofile/?user_id=USERID-HERE&field=FIELD-LABEL-HERE
-
Method: xprofile_update
-
It needs ‘cookie’ and any profile ‘field’ var and ‘value’.
https://localhost/api/user/xprofile_update/?cookie=COOKIE-HERE&exact-xprofile-field-label=value
https://localhost/api/user/xprofile_update/?cookie=COOKIE-HERE&field=value&field2=value&multi-value-field=value1,value2,value3
Please make sure you provide ending comma for all those fields which have multiple values. e.g. If ‘skills’ xProfile field has multiple values, pass them like
https://localhost/api/user/xprofile_update/?cookie=COOKIE-HERE&skills=PHP,MySQL, or &skills=PHP, make sure you always pass ending comma for multi-select fields to be added in array format. -
Method: retrieve_password
-
It needs user_login var.
https://localhost/api/user/retrieve_password/?user_login=john
-
Method: get_avatar
-
It needs user_id var.
https://localhost/api/user/get_avatar/?user_id=1
-
Method: get_userinfo
-
It needs user_id var.
https://localhost/api/user/get_userinfo/?user_id=1
-
Method: post_comment
-
It needs ‘cookie’, ‘post_id’, ‘content’, ‘comment_status’ vars.
https://localhost/api/user/post_comment/?cookie=COOKIE-HERE&post_id=ID&content=Comment contents here&comment_status=1
For additional endpoints, pro version JSON API User Plus plugin details check here https://www.parorrey.com/solutions/json-api-user-plus/
Reviews
Contributors & Developers
“JSON API User” is open source software. The following people have contributed to this plugin.
Contributors
Translate “JSON API User” into your language.
Interested in development?
Browse the code, check out the SVN repository, or subscribe to the development log by RSS.
Changelog
4.0.0
- bug fix for array, for new version of WordPress 6.6.2
3.9.9
- for new version of WordPress 6.6.1
3.9.8
- fixed security vulnerabilities & for new version of WordPress 6.6.1
3.9.7
- fixed security vulnerabilities
3.9.6
- fixed security vulnerabilities & for new version of WordPress 6.6
3.9.5
- fixed readme file.
3.9.4
- fixed security vulnerabilities & for new version of WordPress 6.6
3.9.3
- Fixed a bug for get_userinfo, generate_auth_cookie, get_currentuserinfo endpoints for avatar
3.9.2
- Fixed a bug for validate_auth_cookie endpoint and error message
3.9.1
- Updated for wordpress version 6.1.1
3.9.0
- Updated for wordpress version 6.0.1, bug fix for generate_auth_cookie endpoint
3.8.1
- Updated for wordpress version 5.9
3.8.0
- Updated for wordpress version 5.8
3.7.0
- Updated for wordpress version 5.7.
3.6.0
- Updated for wordpress version.
3.5.0
- Updated update_user_meta endpoint for array variable values.
- Updated update_user_meta_vars endpoint for array variable values.
3.4.0
- Updated for hash cookie in response to register endpoint.
- Added ‘custom_fields’ for user profile register endpoint, ‘custom_fields’ named array with ‘meta_key’ and ‘meta_value’ will be added in user profile.
3.3.0
- Updated for hash cookie in response to generate_auth_cookie endpoint.
- Updated and included cookie, cookie name, hashed cookie and user_login info in response to registration endpoint.
- ‘display_name’ variable is not required anymore in ‘regstration’ endpoint.
3.2.0
- Updated for JSON API Plugin diretory check error and updated action links.
3.1.3
- Fixed action links