Skip to main content

GET /users

Returns a paginated list of users with profile details and available roles. 
curl -X GET "https://example.com/wp-json/wp-manager-pro/v1/users?page=1&limit=20" \
  -H "X-WP-Nonce: YOUR_NONCE"

Parameters

page
integer
Page number. Defaults to 1.
limit
integer
Users per page. Defaults to 20, maximum 100.
search
string
Search term matched against login, email, and display name.
role
string
Filter by WordPress role slug (e.g. editor, subscriber).

Response

users
array
total
integer
Total number of users matching the query.
pages
integer
Total number of pages.
roles
array
All available WordPress roles as {key, name} objects.

POST /users/change-role

Changes the WordPress role for a user. You cannot change your own role. 
curl -X POST https://example.com/wp-json/wp-manager-pro/v1/users/change-role \
  -H "X-WP-Nonce: YOUR_NONCE" \
  -H "Content-Type: application/json" \
  -d '{"user_id": 5, "role": "editor"}'

Parameters

user_id
integer
required
ID of the user whose role to change.
role
string
required
Role slug to assign (e.g. editor, author, subscriber). Must be a valid registered WordPress role.

Response

success
boolean
Always true on success.
message
string
Confirmation message including the user’s display name and new role.

POST /users/login-as

Generates a single-use login URL to impersonate another user. The token embedded in the URL expires after 5 minutes and can only be used once.
The login URL includes a wmp_login_as parameter and a wmp_token parameter. When visited, WordPress switches the session to the target user. The original admin’s ID is stored in user meta to allow switching back.
curl -X POST https://example.com/wp-json/wp-manager-pro/v1/users/login-as \
  -H "X-WP-Nonce: YOUR_NONCE" \
  -H "Content-Type: application/json" \
  -d '{"user_id": 5}'

Parameters

user_id
integer
required
ID of the user to impersonate. Cannot be the currently logged-in user.

Response

success
boolean
Always true on success.
login_url
string
Single-use login URL. Valid for 5 minutes. Redirect the browser to this URL to switch sessions.
message
string
Confirmation message with the target user’s display name.

DELETE /users/delete

Permanently deletes a user account. You cannot delete your own account. 
curl -X DELETE https://example.com/wp-json/wp-manager-pro/v1/users/delete \
  -H "X-WP-Nonce: YOUR_NONCE" \
  -H "Content-Type: application/json" \
  -d '{"user_id": 5, "reassign": 1}'

Parameters

user_id
integer
required
ID of the user to delete.
reassign
integer
ID of the user to reassign the deleted user’s posts to. If omitted, posts are deleted along with the user.

Response

success
boolean
Always true on success.
message
string
Confirmation message.

POST /users/rename

Changes the user_login (username) of a user. WordPress does not expose a public API for changing usernames, so this endpoint performs a direct database update. You cannot rename your own account.
Changing a username does not update any content that references the old username by string value. Ensure nothing in your application depends on a hard-coded username.
curl -X POST https://example.com/wp-json/wp-manager-pro/v1/users/rename \
  -H "X-WP-Nonce: YOUR_NONCE" \
  -H "Content-Type: application/json" \
  -d '{"user_id": 5, "username": "new_username"}'

Parameters

user_id
integer
required
ID of the user to rename.
username
string
required
New username. Must not contain spaces or invalid characters. Must be unique across all users.

Response

success
boolean
Always true on success.
message
string
Confirmation message.
username
string
The new username that was applied.

Build docs developers (and LLMs) love

Get started for freeTalk to us