Skip to main content
The MainWP API uses REST conventions and returns all data in JSON format. Authenticate requests using an API key (Bearer token) or Consumer Key/Consumer Secret for Legacy REST API (Version 1). All MainWP REST API calls, including documentation and examples, are publicly available on Postman.
Your MainWP Dashboard must be on a web host accessible via the internet. Locally hosted Dashboards cannot receive REST API requests.

Enable REST API

1

Configure permalinks

Go to WP Admin > Settings > Permalinks and choose any setting except Plain (WordPress REST API limitation).Permalinks settings
2

Create an API key

Navigate to Dashboard > REST API > Add API Keys and enter a name for your key.
3

Save the Bearer token

Copy the generated API key (Bearer token) to a safe location.Add API Key form showing the generated Bearer token
The API key cannot be revealed after you save. Store it securely before proceeding.
4

Set permissions

Select the permissions your key requires (Read, Write, Delete).
5

(Optional) Enable Legacy API

To use Legacy REST API (Version 1):
  • Click Show Legacy API Credentials
  • Copy the Consumer Key and Consumer Secret
  • Enable MainWP REST API v1 Compatibility Animation showing Legacy API credentials and Enable REST API v1 Compatibility toggle
6

Save settings

Click Save Settings to activate the key.
The REST API is enabled as long as at least one API key is active.

REST API Permissions

MainWP REST API uses granular permissions that you can assign individually or in combination.
PermissionHTTP MethodsUse Case
ReadGETRetrieve data without modifications
WritePOST, PUTCreate or update data, trigger actions
DeleteDELETERemove data
API keys created before version 4.5 have all three permissions enabled by default. Edit existing keys to adjust permissions.
API Key permissions table showing Read, Write, and Delete options

Disable REST API

Navigate to Dashboard > REST API > Manage API Keys and disable any enabled keys. Manage API Keys page showing enabled keys with disable toggle

Delete REST API Keys

Navigate to Dashboard > REST API > Manage API Keys. Click Delete to remove individual keys, or select multiple keys and choose Delete from the Bulk actions dropdown. Manage API Keys page with Delete button and Bulk actions dropdown

Batch Update Response Handling

Batch update endpoints respond immediately with a confirmation rather than waiting for completion: 
{
    "success": 1,
    "message": "Batch updates all started successfully.",
    "last_time_start_batch_updates": "2024-09-03T16:57:29"
}
Allow sufficient time for the update process to complete, then sync your Dashboard to fetch updated information.

API Reference Documentation

For complete endpoint documentation including request parameters, response schemas, and code examples:

REST API Reference

Complete endpoint documentation for sites, updates, clients, and more.

Abilities API Reference

Structured capability registry for AI and automation integrations.