The major AAM release is live! For questions or concerns, visit the Release Page.

Route

Syntax

Route:<endpoint>:<http-verb>
Route:*:<http-verb> - Premium Feature
Route:<endpoint>:* - Premium Feature
Route:*:* - Premium Feature
Route:* - Premium Feature

Definition

Manage access to an individual WordPress RESTful API endpoint (route). Each endpoint identifies by two attributes:

endpoint is the exact match of the $route parameter provided for the register_rest_routeopen in new window function.
http-verb is the HTTP method for the endpoint

You can find both attributes with the help of the AAM API Routes service.

AAM API Routes

The example statement below restricts access to the POST /wp/v2/posts endpoint (basically does not allow creating new posts).

{
    "Statement": {
        "Effect": "deny",
        "Resource": "Route:/wp/v2/posts:POST"
    }
}

The premium add-on introduces the wildcard * denotation to target a group of endpoints. The wildcard can be used instead of the endpoint, http-verb, or both.

For example, the statement below restricts any API requests to the /wp/v2/posts endpoint.

{
    "Statement": {
        "Effect": "deny",
        "Resource": "Route:/wp/v2/posts:*"
    }
}

The following statement restricts all GET RESTful API endpoints.

{
    "Statement": {
        "Effect": "deny",
        "Resource": "Route:*:GET"
    }
}

And this statement restricts all RESTful API endpoints disregarding its HTTP verb:

{
    "Statement": {
        "Effect": "deny",
        "Resource": "Route:*"
    }
}

FYI!

The resource denotation Route:* is a shorten representation of Route:*:*. Both target all RESTful API endpoints.

Virtual Assistant

Route

# Syntax

# Definition

Syntax

Definition