I cannot speak for WP core devs, but my recommendation regardless is to not consider the RPC for any new projects. Use the REST API instead.
Thread Starter
lsmeni
(@lsmeni)
The problem with the REST API is that it doesn’t have way to authenticate external calls without the need of a plugin (Basic Authentication Plugin, Application Passwords, OAuth1…). Do you have any suggestions for dealing with that?
Unless you can send auth cookies created from logging into the site, yes you need an authentication plugin. Why would such a plugin be a problem?
Unless you are changing DB data, you may not need to log in at all. Publicly available data like posts do not require authentication to retrieve.
Thread Starter
lsmeni
(@lsmeni)
Unfortunately the integration should be able to create posts on some client’s blog from some external API calls, so authentication/authorization is a real need. Also, I’m trying to avoid the installation of any additional plugin on the client’s blog.
I’ve discovered that some services like Zapier and Jetpack are still using the XML-RPC API, so I’m still unsure to take a decision. Could you address this thread to some core dev so that they can share their opinion on that? Thanks for the attention and the quick replies!
