REST API Reference

ShahiLandin provides a comprehensive REST API for programmatic access to landing pages, analytics, and experiments. This enables integration with external systems, custom applications, and automation workflows.

API Overview

Base URL: https://your-site.com/wp-json/shahilandin/v1

Namespace: shahilandin/v1

Authentication: WordPress REST API authentication (cookie, application passwords, OAuth)

Response Format: JSON

Authentication

Methods Supported

1. Cookie Authentication (for logged-in users)
2. Application Passwords (recommended for external apps)
3. OAuth 1.0a (via plugins)
4. JWT (via plugins)

Application Passwords


Setup:

5. Go to Users > Profile
6. Scroll to Application Passwords
7. Enter application name
8. Click Add New Application Password
9. Copy the generated password

Usage:

`bash
curl -X GET \
https://your-site.com/wp-json/shahilandin/v1/landings \
–user “username:xxxx xxxx xxxx xxxx xxxx xxxx”
`

Headers:
`http
Authorization: Basic base64(username:password)
`

Cookie Authentication


For browser-based requests, include the nonce:

`javascript
fetch(‘/wp-json/shahilandin/v1/landings’, {
credentials: ‘same-origin’,
headers: {
‘X-WP-Nonce’: wpApiSettings.nonce
}
});
`

Endpoints


Landing Pages


Get All Landing Pages


Endpoint: GET /shahilandin/v1/landings

Parameters:

| Parameter | Type | Description | Default |
|————|———|——————————–|———|
| per_page | integer | Number of items per page | 10 |
| page | integer | Page number | 1 |
| status | string | Filter by status | any |

Request:

`bash
curl -X GET \
‘https://your-site.com/wp-json/shahilandin/v1/landings?per_page=20&page=1&status=publish’ \
–user “username:password”
`

`javascript
// JavaScript example
const response = await fetch(‘/wp-json/shahilandin/v1/landings?status=publish’, {
credentials: ‘same-origin’,
headers: {
‘X-WP-Nonce’: wpApiSettings.nonce
}
});
const landings = await response.json();
`

Response:

`json
[
{
“id”: 123,
“title”: “Summer Sale 2025”,
“slug”: “summer-sale-2025”,
“status”: “publish”,
“date”: “2025-11-15T10:23:45”,
“modified”: “2025-11-28T09:15:22”,
“link”: “https://your-site.com/landing/summer-sale-2025”,
“edit_link”: “https://your-site.com/wp-admin/post.php?post=123&action=edit”,
“statistics”: {
“views”: 5432,
“conversions”: 271,
“conversion_rate”: 4.99,
“bounce_rate”: 45.2,
“avgtimeon_page”: 125
}
},
{
“id”: 124,
“title”: “Product Launch”,
“slug”: “product-launch”,
“status”: “publish”,
“date”: “2025-11-20T14:12:33”,
“modified”: “2025-11-27T16:45:10”,
“link”: “https://your-site.com/landing/product-launch”,
“edit_link”: “https://your-site.com/wp-admin/post.php?post=124&action=edit”,
“statistics”: {
“views”: 3210,
“conversions”: 178,
“conversion_rate”: 5.54,
“bounce_rate”: 38.7,
“avgtimeon_page”: 142
}
}
]
`

Status Codes:

• 200 OK – Success
• 401 Unauthorized – Authentication required
• 403 Forbidden – Insufficient permissions

Get Single Landing Page


Endpoint: GET /shahilandin/v1/landings/

Parameters:

| Parameter | Type | Description | Required |
|———–|———|———————–|———-|
| id | integer | Landing page ID | Yes |

Request:

`bash
curl -X GET \
‘https://your-site.com/wp-json/shahilandin/v1/landings/123’ \
–user “username:password”
`

`javascript
const response = await fetch(‘/wp-json/shahilandin/v1/landings/123’, {
credentials: ‘same-origin’,
headers: {
‘X-WP-Nonce’: wpApiSettings.nonce
}
});
const landing = await response.json();
`

Response:

`json
{
“id”: 123,
“title”: “Summer Sale 2025”,
“slug”: “summer-sale-2025”,
“status”: “publish”,
“date”: “2025-11-15T10:23:45”,
“modified”: “2025-11-28T09:15:22”,
“link”: “https://your-site.com/landing/summer-sale-2025”,
“edit_link”: “https://your-site.com/wp-admin/post.php?post=123&action=edit”,
“statistics”: {
“views”: 5432,
“conversions”: 271,
“conversion_rate”: 4.99,
“bounce_rate”: 45.2,
“avgtimeon_page”: 125
}
}
`

Status Codes:

• 200 OK – Success
• 404 Not Found – Landing page doesn’t exist
• 401 Unauthorized – Authentication required

Create Landing Page


Endpoint: POST /shahilandin/v1/landings

Parameters:

| Parameter | Type | Description | Required |
|————–|——–|————————–|———-|
| title | string | Landing page title | Yes |
| status | string | Post status | No |
| slug | string | URL slug | No |
| html_content | string | HTML content | No |
| css_content | string | CSS styling | No |

Request:

`bash
curl -X POST \
‘https://your-site.com/wp-json/shahilandin/v1/landings’ \
–user “username:password” \
-H ‘Content-Type: application/json’ \
-d ‘{
“title”: “New Landing Page”,
“status”: “publish”,
“slug”: “new-landing”,
“html_content”: “

Welcome!

“,
“css_content”: “.hero { background: #333; color: #fff; }”
}’
`

`javascript
const response = await fetch(‘/wp-json/shahilandin/v1/landings’, {
method: ‘POST’,
credentials: ‘same-origin’,
headers: {
‘Content-Type’: ‘application/json’,
‘X-WP-Nonce’: wpApiSettings.nonce
},
body: JSON.stringify({
title: ‘New Landing Page’,
status: ‘publish’,
html_content: ‘

Welcome!

‘,
css_content: ‘.hero { background: #333; }’
})
});
const result = await response.json();
`

Response:

`json
{
“id”: 125,
“title”: “New Landing Page”,
“slug”: “new-landing”,
“status”: “publish”,
“date”: “2025-11-28T10:30:00”,
“modified”: “2025-11-28T10:30:00”,
“link”: “https://your-site.com/landing/new-landing”,
“edit_link”: “https://your-site.com/wp-admin/post.php?post=125&action=edit”,
“statistics”: {
“views”: 0,
“conversions”: 0,
“conversion_rate”: 0,
“bounce_rate”: 0,
“avgtimeon_page”: 0
}
}
`

Status Codes:

• 201 Created – Success
• 400 Bad Request – Invalid parameters
• 401 Unauthorized – Authentication required
• 403 Forbidden – Insufficient permissions

Update Landing Page


Endpoint: PUT /shahilandin/v1/landings/

Parameters:

| Parameter | Type | Description | Required |
|————–|———|————————–|———-|
| id | integer | Landing page ID | Yes |
| title | string | New title | No |
| status | string | New status | No |
| slug | string | New URL slug | No |
| html_content | string | Updated HTML | No |
| css_content | string | Updated CSS | No |

Request:

`bash
curl -X PUT \
‘https://your-site.com/wp-json/shahilandin/v1/landings/123’ \
–user “username:password” \
-H ‘Content-Type: application/json’ \
-d ‘{
“title”: “Updated Title”,
“status”: “publish”
}’
`

`javascript
const response = await fetch(‘/wp-json/shahilandin/v1/landings/123’, {
method: ‘PUT’,
credentials: ‘same-origin’,
headers: {
‘Content-Type’: ‘application/json’,
‘X-WP-Nonce’: wpApiSettings.nonce
},
body: JSON.stringify({
title: ‘Updated Title’,
status: ‘publish’
})
});
const result = await response.json();
`

Response:

`json
{
“id”: 123,
“title”: “Updated Title”,
“slug”: “summer-sale-2025”,
“status”: “publish”,
“date”: “2025-11-15T10:23:45”,
“modified”: “2025-11-28T11:00:00”,
“link”: “https://your-site.com/landing/summer-sale-2025”,
“edit_link”: “https://your-site.com/wp-admin/post.php?post=123&action=edit”,
“statistics”: {
“views”: 5432,
“conversions”: 271,
“conversion_rate”: 4.99,
“bounce_rate”: 45.2,
“avgtimeon_page”: 125
}
}
`

Status Codes:

• 200 OK – Success
• 400 Bad Request – Invalid parameters
• 404 Not Found – Landing page doesn’t exist
• 401 Unauthorized – Authentication required

Delete Landing Page


Endpoint: DELETE /shahilandin/v1/landings/

Parameters:

| Parameter | Type | Description | Required |
|———–|———|——————————|———-|
| id | integer | Landing page ID | Yes |
| force | boolean | Permanently delete (skip trash) | No |

Request:

`bash

Move to trash


curl -X DELETE \
‘https://your-site.com/wp-json/shahilandin/v1/landings/123’ \
–user “username:password”

Permanently delete


curl -X DELETE \
‘https://your-site.com/wp-json/shahilandin/v1/landings/123?force=true’ \
–user “username:password”
`

`javascript
// Move to trash
const response = await fetch(‘/wp-json/shahilandin/v1/landings/123’, {
method: ‘DELETE’,
credentials: ‘same-origin’,
headers: {
‘X-WP-Nonce’: wpApiSettings.nonce
}
});

// Permanently delete
const response = await fetch(‘/wp-json/shahilandin/v1/landings/123?force=true’, {
method: ‘DELETE’,
credentials: ‘same-origin’,
headers: {
‘X-WP-Nonce’: wpApiSettings.nonce
}
});
`

Response:

`json
{
“deleted”: true
}
`

Status Codes:

• 200 OK – Success
• 404 Not Found – Landing page doesn’t exist
• 401 Unauthorized – Authentication required
• 403 Forbidden – Insufficient permissions

Analytics


Get Landing Page Statistics


Endpoint: GET /shahilandin/v1/landings//stats

Parameters:

| Parameter | Type | Description | Required |
|———–|———|—————–|———-|
| id | integer | Landing page ID | Yes |

Request:

`bash
curl -X GET \
‘https://your-site.com/wp-json/shahilandin/v1/landings/123/stats’ \
–user “username:password”
`

Response:

`json
{
“views”: 5432,
“conversions”: 271,
“conversion_rate”: 4.99,
“bounce_rate”: 45.2,
“avgtimeon_page”: 125,
“views_log”: [
{
“timestamp”: “2025-11-28T10:30:00Z”,
“ip”: “192.168.1.1”,
“user_agent”: “Mozilla/5.0…”,
“referrer”: “https://google.com”
}
],
“conversions_log”: [
{
“timestamp”: “2025-11-28T10:35:00Z”,
“goal”: “signup”,
“data”: {“email”: “user@example.com”},
“ip”: “192.168.1.1”
}
]
}
`

Status Codes:

• 200 OK – Success
• 404 Not Found – Landing page doesn’t exist
• 401 Unauthorized – Authentication required

Track Page View (Public)


Endpoint: POST /shahilandin/v1/landings//view

Parameters:

| Parameter | Type | Description | Required |
|———–|———|———————|———-|
| id | integer | Landing page ID | Yes |
| _wpnonce | string | Analytics nonce | Yes |

Request:

`javascript
// Client-side tracking
fetch(‘/wp-json/shahilandin/v1/landings/123/view’, {
method: ‘POST’,
credentials: ‘same-origin’,
headers: {
‘Content-Type’: ‘application/json’,
‘X-WP-Nonce’: ShahiLandinAnalytics.nonce
}
});
`

Response:

`json
{
“success”: true
}
`

Rate Limiting: 1 view per visitor per minute

Status Codes:

• 200 OK – Success
• 404 Not Found – Landing page doesn’t exist
• 429 Too Many Requests – Rate limit exceeded

Track Conversion (Public)


Endpoint: POST /shahilandin/v1/landings//conversion

Parameters:

| Parameter | Type | Description | Required |
|———–|———|———————|———-|
| id | integer | Landing page ID | Yes |
| _wpnonce | string | Analytics nonce | Yes |
| goal | string | Conversion goal name| No |
| data | object | Additional data | No |

Request:

`javascript
// Client-side conversion tracking
fetch(‘/wp-json/shahilandin/v1/landings/123/conversion’, {
method: ‘POST’,
credentials: ‘same-origin’,
headers: {
‘Content-Type’: ‘application/json’,
‘X-WP-Nonce’: ShahiLandinAnalytics.nonce
},
body: JSON.stringify({
goal: ‘newsletter_signup’,
data: {
email: ‘user@example.com’,
source: ‘hero_cta’
}
})
});
`

Response:

`json
{
“success”: true
}
`

Rate Limiting: 1 conversion per visitor per 10 seconds

Status Codes:

• 200 OK – Success
• 404 Not Found – Landing page doesn’t exist
• 429 Too Many Requests – Rate limit exceeded

Experiments


Create Experiment


Endpoint: POST /shahilandin/v1/landings//experiment

Parameters:

| Parameter | Type | Description | Required |
|————–|———|——————-|———-|
| id | integer | Landing page ID | Yes |
| variant_name | string | Name for variant | No |

Request:

`bash
curl -X POST \
‘https://your-site.com/wp-json/shahilandin/v1/landings/123/experiment’ \
–user “username:password” \
-H ‘Content-Type: application/json’ \
-d ‘{
“variant_name”: “Green Button Test”
}’
`

Response:

`json
{
“variant_id”: 127
}
`

Status Codes:

• 201 Created – Success
• 404 Not Found – Landing page doesn’t exist
• 401 Unauthorized – Authentication required
• 403 Forbidden – Experiments not enabled

Get Experiment Statistics


Endpoint: GET /shahilandin/v1/landings//experiment/stats

Parameters:

| Parameter | Type | Description | Required |
|———–|———|—————–|———-|
| id | integer | Landing page ID | Yes |

Request:

`bash
curl -X GET \
‘https://your-site.com/wp-json/shahilandin/v1/landings/123/experiment/stats’ \
–user “username:password”
`

Response:

`json
{
“is_active”: true,
“winner_id”: null,
“original”: {
“id”: 123,
“name”: “Summer Sale 2025”,
“views”: 5432,
“conversions”: 271,
“conversion_rate”: 4.99
},
“variants”: [
{
“id”: 127,
“name”: “Green Button Test”,
“views”: 2716,
“conversions”: 149,
“conversion_rate”: 5.48
},
{
“id”: 128,
“name”: “Red Button Test”,
“views”: 2716,
“conversions”: 122,
“conversion_rate”: 4.49
}
]
}
`

Status Codes:

• 200 OK – Success
• 404 Not Found – Landing page doesn’t exist
• 401 Unauthorized – Authentication required

Error Responses


Error Format


All error responses follow this structure:

`json
{
“code”: “error_code”,
“message”: “Human-readable error message”,
“data”: {
“status”: 400
}
}
`

Common Error Codes


| Code | Status | Description |
|——————-|——–|——————————–|
| not_found | 404 | Resource doesn’t exist |
| rest_forbidden | 403 | Insufficient permissions |
| restinvalidparam | 400 | Invalid parameter value |
| restmissingcallback_param | 400 | Required parameter missing |

Rate Limiting


Tracking Endpoints


Public tracking endpoints are rate-limited:

• View Tracking: 1 request per minute per IP
• Conversion Tracking: 1 request per 10 seconds per IP

Authenticated Endpoints


No rate limiting on authenticated endpoints, but reasonable use is expected.

Rate Limit Headers


`http
X-RateLimit-Limit: 60
X-RateLimit-Remaining: 45
X-RateLimit-Reset: 1701172800
`

Pagination


Request Parameters


| Parameter | Type | Default | Description |
|———–|———|———|———————-|
| per_page | integer | 10 | Items per page |
| page | integer | 1 | Page number |

Response Headers


`http
X-WP-Total: 150
X-WP-TotalPages: 15
Link: ; rel=”next”
`

CORS


The API supports Cross-Origin Resource Sharing (CORS) for authenticated requests.

Headers:
`http
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Access-Control-Allow-Headers: Authorization, Content-Type, X-WP-Nonce
`

Webhooks


ShahiLandin supports outgoing webhooks for events:

Configuring Webhooks


`php
// In functions.php or custom plugin
addfilter(‘shahilandinwebhook_url’, function($url) {
return ‘https://your-app.com/webhook’;
});

addfilter(‘shahilandinwebhook_events’, function($events) {
return [‘landingcreated’, ‘landingpublished’, ‘conversion’];
});
`

Webhook Payload


`json
{
“event”: “landing_published”,
“timestamp”: “2025-11-28T10:30:00Z”,
“data”: {
“id”: 123,
“title”: “Summer Sale 2025”,
“url”: “https://your-site.com/landing/summer-sale-2025”
}
}
`

Verifying Webhooks


`php
$signature = hashhmac(‘sha256’, $payload, WEBHOOKSECRET);
if ($signature === $SERVER[‘HTTPXSHAHILANDINSIGNATURE’]) {
// Valid webhook
}
`

SDK Examples


JavaScript/Node.js


`javascript
class ShahiLandinAPI {
constructor(baseURL, username, password) {
this.baseURL = baseURL;
this.auth = Buffer.from(${username}:${password}).toString(‘base64’);
}

async getLandings(params = {}) {
const query = new URLSearchParams(params).toString();
const response = await fetch(${this.baseURL}/shahilandin/v1/landings?${query}, {
headers: {
‘Authorization’: Basic ${this.auth}
}
});
return await response.json();
}

async createLanding(data) {
const response = await fetch(${this.baseURL}/shahilandin/v1/landings, {
method: ‘POST’,
headers: {
‘Authorization’: Basic ${this.auth},
‘Content-Type’: ‘application/json’
},
body: JSON.stringify(data)
});
return await response.json();
}

async getStats(id) {
const response = await fetch(${this.baseURL}/shahilandin/v1/landings/${id}/stats, {
headers: {
‘Authorization’: Basic ${this.auth}
}
});
return await response.json();
}
}

// Usage
const api = new ShahiLandinAPI(
‘https://your-site.com/wp-json’,
‘username’,
‘xxxx xxxx xxxx xxxx’
);

const landings = await api.getLandings({ status: ‘publish’ });
console.log(landings);
`

Python


`python
import requests
from requests.auth import HTTPBasicAuth

class ShahiLandinAPI:
def init(self, base_url, username, password):
self.baseurl = baseurl
self.auth = HTTPBasicAuth(username, password)

def get_landings(self, params=None):
url = f”{self.base_url}/shahilandin/v1/landings”
response = requests.get(url, auth=self.auth, params=params)
response.raiseforstatus()
return response.json()

def create_landing(self, data):
url = f”{self.base_url}/shahilandin/v1/landings”
response = requests.post(url, auth=self.auth, json=data)
response.raiseforstatus()
return response.json()

def getstats(self, landingid):
url = f”{self.baseurl}/shahilandin/v1/landings/{landingid}/stats”
response = requests.get(url, auth=self.auth)
response.raiseforstatus()
return response.json()

Usage


api = ShahiLandinAPI(
‘https://your-site.com/wp-json’,
‘username’,
‘xxxx xxxx xxxx xxxx’
)

landings = api.get_landings({‘status’: ‘publish’})
print(landings)
`

PHP


`php
class ShahiLandinAPI {
private $base_url;
private $username;
private $password;

public function _construct($baseurl, $username, $password) {
$this->baseurl = rtrim($baseurl, ‘/’);
$this->username = $username;
$this->password = $password;
}

private function request($method, $endpoint, $data = null) {
$url = $this->base_url . ‘/shahilandin/v1/’ . ltrim($endpoint, ‘/’);

$args = [
‘method’ => $method,
‘headers’ => [
‘Authorization’ => ‘Basic ‘ . base64_encode($this->username . ‘:’ . $this->password),
‘Content-Type’ => ‘application/json’,
],
];

if ($data) {
$args[‘body’] = json_encode($data);
}

$response = wpremoterequest($url, $args);

if (iswperror($response)) {
throw new Exception($response->geterrormessage());
}

return jsondecode(wpremoteretrievebody($response), true);
}

public function get_landings($params = []) {
$query = httpbuildquery($params);
return $this->request(‘GET’, ‘landings?’ . $query);
}

public function create_landing($data) {
return $this->request(‘POST’, ‘landings’, $data);
}

public function get_stats($id) {
return $this->request(‘GET’, “landings/{$id}/stats”);
}
}

// Usage
$api = new ShahiLandinAPI(
‘https://your-site.com/wp-json’,
‘username’,
‘xxxx xxxx xxxx xxxx’
);

$landings = $api->get_landings([‘status’ => ‘publish’]);
print_r($landings);
`

Best Practices


10. Use Application Passwords: More secure than user passwords
11. Cache Responses: Reduce API calls with local caching
12. Handle Errors Gracefully: Always check response status codes
13. Respect Rate Limits: Implement backoff strategies
14. Use Webhooks: For real-time updates instead of polling
15. Validate Input: Sanitize data before sending to API
16. Secure Credentials: Never expose API credentials in client code

—

For WP-CLI automation, see the WP-CLI Commands article.