FAIR

Federated and Independent Repositories

Metronyx Headless CMS Connector

Plugin Banner

Metronyx Headless CMS Connector

by ariellejphoenix

Download
Description

Metronyx Headless CMS Connector provides a clean, secure REST API to connect your WordPress content with any frontend framework. Perfect for developers building modern web applications with Next.js, React, Vue, Angular, or any other frontend technology.

Key Features

  • Clean REST API – Simple endpoints for posts, pages, and content
  • Advanced Content Delivery – Optimized for modern headless CMS implementations
  • CORS Support – Configured for secure frontend framework connections
  • Framework Agnostic – Works with Next.js, React, Vue, Angular, and any frontend
  • SEO Optimized – Built-in meta fields and structured data for better search performance
  • Enterprise Security – Built-in security features, input validation, and rate limiting
  • Complete Documentation – Built-in API docs and usage examples

Security Features

This plugin has been thoroughly audited and includes:

  • Input validation and sanitization
  • CSRF protection with nonce verification
  • XSS prevention with output escaping
  • Rate limiting and pagination limits
  • CORS security with strict origin validation
  • Path traversal protection
  • Proper capability checks for admin functions

API Endpoints

Posts & Pages:
* GET /wp-json/metronyx-connector/v1/posts – All posts with pagination
* GET /wp-json/metronyx-connector/v1/posts/{slug} – Single post by slug
* GET /wp-json/metronyx-connector/v1/posts/featured – Featured posts only
* GET /wp-json/metronyx-connector/v1/pages – All pages
* GET /wp-json/metronyx-connector/v1/pages/{slug} – Single page by slug

Categories & Tags:
* GET /wp-json/metronyx-connector/v1/categories – All categories
* GET /wp-json/metronyx-connector/v1/tags – All tags

Coming Soon:
* Advanced e-commerce endpoints (future releases)
* Enhanced content filtering and search
* Multi-site headless architecture support

Data Structure

Each post/page includes:
* Basic content (title, slug, content, excerpt)
* SEO metadata (title, description, canonical URL)
* Featured images with multiple sizes
* Categories and tags
* Author information
* Custom meta fields

Future releases will include:
* Advanced content filtering and search capabilities
* Enhanced SEO metadata and structured data
* Multi-language content support
* Custom post type integration
* Performance analytics and insights

Usage Example

// Fetch all posts
const posts = await fetch('/wp-json/metronyx-connector/v1/posts')
  .then(res => res.json());

// Fetch single post
const post = await fetch('/wp-json/metronyx-connector/v1/posts/your-post-slug')
  .then(res => res.json());

// Next.js example
export async function getStaticProps({ params }) {
  const post = await fetch(`${process.env.WORDPRESS_API_URL}posts/${params.slug}`)
    .then(res => res.json());

  return { props: { post } };
}

Professional Services

Running a headless WordPress setup means your SEO, performance, and content pipeline all need to work together. Metronyx specializes in WordPress-powered businesses and can help with:

  • Headless CMS Architecture – Custom REST API design, frontend-backend decoupling, and deployment pipelines for Next.js, React, or Vue
  • AI SEO & Answer Engine Optimization (AEO) – Get your WordPress content surfaced in AI search results from ChatGPT, Perplexity, and Google AI Overviews
  • Performance & Caching – Server-side rendering optimization, CDN configuration, and API response caching for sub-second page loads
  • Custom API Development – Bespoke endpoints for WooCommerce, ACF, custom post types, and third-party integrations
  • SEO for Headless WordPress – Structured data, meta tag management, sitemap generation, and crawl optimization for decoupled sites
  • Multi-site & Enterprise – Manage multiple headless WordPress properties from a single admin with shared content APIs

Learn more at metronyx.co.uk or get a free SEO audit.

Developer

Built and maintained by Arielle Phoenix (ariellephoenix.com).
AI SEO and headless WordPress solutions by Metronyx (metronyx.co.uk).

  1. Upload the plugin files to /wp-content/plugins/metronyx-headless-cms-connector/
  2. Activate the plugin through the ‘Plugins’ screen in WordPress
  3. Go to Headless CMS in your WordPress admin menu
  4. Configure your frontend URL and CORS settings in Headless CMS Setup
  5. Start using the API endpoints in your frontend application
What frontend frameworks does this work with?

This plugin works with any frontend framework that can make HTTP requests, including Next.js, React, Vue.js, Angular, Nuxt.js, Gatsby, and more.

Does this plugin support e-commerce?

E-commerce functionality is planned for future releases. Currently, the plugin focuses on content delivery for posts, pages, and taxonomies.

Is this plugin secure?

Yes, this plugin follows WordPress security best practices including input sanitization, output escaping, nonce verification, and proper capability checks.

Can I customize the API responses?

The plugin provides comprehensive data in each API response. For custom modifications, you can use WordPress hooks and filters.

How do I set up CORS for my frontend?

Go to Headless CMS Setup and enter your frontend URLs in the CORS Origins field (one per line).

1.0.4

  • Fixed: Content rendering now uses get_the_content() pipeline instead of direct apply_filters for Plugin Check compliance
  • Fixed: Added phpcs:ignore for meta_query usage with explanatory comment
  • Improved: Content rendering includes do_blocks() support for block editor content

1.0.3

  • Fixed: Plugin URI changed to root domain to prevent timeout during WP.org review checks
  • Fixed: Inline JavaScript migrated from raw tag to wp_add_inline_script() for enqueue compliance
  • Fixed: AJAX action renamed from dismiss_metronyx_welcome_notice to metronyx_dismiss_welcome_notice for proper prefix ordering
  • Updated: Nonce action string updated to match new AJAX action name

1.0.2

  • Fixed: Plugin URI now points to a live public page
  • Fixed: Contributors field matches WordPress.org username
  • Improved: Added explicit inline comments on all permission_callback declarations to clarify intentional public access for read-only published content endpoints
  • Removed: Unused “Coming Soon” products endpoint comment

1.0.1

  • Fixed: Added wp_unslash() to all $_POST values before sanitization
  • Fixed: Escaped output variables in welcome notice (esc_attr, esc_html)
  • Fixed: Added isset() check on nonce verification in dismiss handler
  • Updated: Tested up to WordPress 6.9
  • Updated: Tags trimmed to 5 per WordPress.org guidelines

1.0.0

  • Initial release
  • Clean REST API for posts, pages, categories, and tags
  • CORS support for frontend frameworks
  • Security features and input validation
  • Admin interface with comprehensive documentation
  • Custom meta fields for SEO and content settings
Back to top