API Documentation
Table of Contents
Overview
The Update Brief API is a RESTful API that allows you to access the brief update summaries of both WordPress Core updates and WordPress plugin updates, generated by Update Brief.
The API is designed to be easy to use with predictable, simple URLs. It uses standard HTTP response codes and requires an API Token for authentication. All responses are returned as JSON with a Content-Type: application/json header.
Quick Start
To get started, make an authenticated GET request to one of the API endpoints. Here is a complete example using curl to retrieve the update summary for the Akismet plugin, upgrading from version 5.4 to 5.5:
curl -H "Authorization: Bearer YourApiToken" \
https://updatebrief.com/api/v1/plugins/akismet/5.4/5.5
A successful request returns a JSON response like this:
{
"status": "200",
"plugin_slug": "akismet",
"start_version": "5.4",
"end_version": "5.5",
"summary": "This update enables webhooks for improved spam detection by Akismet through asynchronous comment processing. It also optimizes performance by loading Akismet widget CSS only when needed and enhances user interface readability with improved contrast.\n"
}
Your API Token can be found in the Update Brief Dashboard. Read on for full details on authentication, endpoints, and response formats.
Authentication
The Update Brief API uses API key authentication. To make an API request, include your API Token in the Authorization header as a Bearer token:
Authorization: Bearer YourApiToken
For example, using curl:
curl -H "Authorization: Bearer YourApiToken" https://updatebrief.com/api/v1/plugins/akismet/5.4/5.5
Or, using PHP with WordPress:
$response = wp_remote_get(
'https://updatebrief.com/api/v1/plugins/akismet/5.4/5.5',
array(
'headers' => array(
'Authorization' => 'Bearer YourApiToken',
),
)
);
$body = json_decode( wp_remote_retrieve_body( $response ), true );
Your API Token can be found in the Update Brief Dashboard.
Requests
The Update Brief API only accepts GET requests. Any other HTTP method (POST, PUT, DELETE, etc.) will return a 405 error.
The base URL for all requests is:
https://updatebrief.com/api/v1/
Note: Update Brief and the API currently support WordPress Core and plugin updates. Theme updates are not supported at this time.
Plugins
To request a brief update summary for a WordPress or Premium plugin update, use:
https://updatebrief.com/api/v1/plugins/{slug}/{startVersion}/{endVersion}
| Parameter | Description |
|---|---|
| {slug} | The slug (directory name) of the plugin. For plugins on WordPress.org, this is the last segment of the plugin's URL, e.g. wordpress.org/plugins/akismet/ |
| {startVersion} | The version number you have upgraded from |
| {endVersion} | The version number you have upgraded to |
Examples:
# Akismet Anti Spam, from version 5.4 to 5.5 https://updatebrief.com/api/v1/plugins/akismet/5.4/5.5 # Yoast SEO, from version 25.8 to 26.1.1 https://updatebrief.com/api/v1/plugins/wordpress-seo/25.8/26.1.1
WordPress Core
To request a brief update summary for a WordPress Core update, use:
https://updatebrief.com/api/v1/core/{startVersion}/{endVersion}
| Parameter | Description |
|---|---|
| {startVersion} | The WordPress version you have upgraded from |
| {endVersion} | The WordPress version you have upgraded to |
Examples:
# WordPress Core, from version 6.7 to 6.8 https://updatebrief.com/api/v1/core/6.7/6.8 # WordPress Core, from version 6.8.1 to 6.8.2 https://updatebrief.com/api/v1/core/6.8.1/6.8.2
Responses
All responses from the Update Brief API are returned as JSON. The API uses standard HTTP response codes to indicate success or failure.
Plugins
A successful plugin request returns a 200 status code with the plugin slug, version range, and summary:
{
"status": "200",
"plugin_slug": "seo-by-rank-math",
"start_version": "1.0.253",
"end_version": "1.0.255",
"summary": "This update improves search engine optimization by allowing users to view and edit SEO titles and descriptions for taxonomy terms. It also fixes several bugs, including a broken keyboard shortcut for Content AI, issues with removing Open Graph thumbnails, a PHP warning, and a missing preview in the Content AI Prompts library.\n"
}
If no summary is available for the requested version range, the API will return a 200 status code, but with a summary value of null:
{
"status": "200",
"plugin_slug": "seo-by-rank-math",
"start_version": "1.0.253",
"end_version": "99.9.99",
"summary": null
}
WordPress Core
A successful WordPress Core request returns a 200 status code with the update type, version range, and summary:
{
"status": "200",
"update": "WP Core",
"start_version": "6.8",
"end_version": "6.8.3",
"summary": "This update addresses multiple bugs in WordPress Core and the Block Editor, focusing on issues in the block editor, multisite functionality, and REST API. It includes fixes for automatic updater failures, bulk edit problems, and REST API errors related to sticky posts. Security enhancements include fixes for a data exposure issue allowing access to restricted content and a cross-site scripting vulnerability affecting nav menus. The update also incorporates various enhancements and bug fixes for themes, media handling, and accessibility.\n"
}
As with plugins, if no summary is available the response will contain "summary": null:
{
"status": "200",
"update": "WP Core",
"start_version": "6.8",
"end_version": "99.9",
"summary": null
}
Response Field Reference
| Field | Type | Description |
|---|---|---|
| status | string | The HTTP status code as a string |
| plugin_slug | string | The plugin slug (plugin responses only) |
| update | string | The update type, e.g. "WP Core" (core responses only) |
| start_version | string | The version upgraded from |
| end_version | string | The version upgraded to |
| summary | string | The update summary, or null if unavailable |
Error Handling
Error responses are returned as JSON with a status code and a message describing the problem:
{
"status": "401",
"message": "Unauthorized - Please check your API authorization credentials"
}
The table below lists all error codes returned by the API, along with troubleshooting guidance.
| Code | Message | Troubleshooting |
|---|---|---|
| 401 | Unauthorized - Please check your API authorization credentials |
Check that your API Token is included in the Authorization header as a Bearer token: Authorization: Bearer YourApiToken |
| 403 | Forbidden - Please check your current subscription is active | Your Update Brief subscription may have expired or there may be an issue with your payment card. Check your subscription status in the dashboard. |
| 403 | Forbidden - Exceeded number of plugins allowed in your subscription plan | Your plan allows a set number of unique plugins per month. Requesting the same plugin multiple times counts as one unique plugin, but each different plugin counts separately. Upgrade your plan to increase this limit. |
| 404 | Not Found - Please check the format of your request |
Check the request URL matches the correct format: Plugins: ../plugins/{slug}/{start}/{end} Core: ../core/{start}/{end} See the Requests section for full details. |
| 404 | Not Found - Please check your plugin slug is valid | The plugin slug must correspond to a valid WordPress plugin. For premium plugins, check that the plugin is listed on the available premium plugins page. |
| 405 | Method Not Allowed - Only the GET method is allowed | The API only accepts GET requests. POST, PUT, DELETE, and other HTTP methods are not supported. |
| 429 | Too Many Requests - Monthly rate limit exceeded, please upgrade your subscription | You have exceeded the monthly API request limit for your plan. Upgrade your subscription to increase this limit. |
| 429 | Too Many Requests - Per minute rate limit exceeded, slow down your requests | You are sending requests too quickly. Wait briefly and retry. See the Rate Limiting section for per-minute limits by plan. |
| 500 | Internal Server Error - Please try again later | An unexpected error occurred on the server. Please retry your request after a short wait. If the problem persists, contact us. |
Rate Limiting
To ensure fair and efficient use of the API, rate limits are applied based on your subscription plan. The per-minute limits are as follows:
| Plan | Requests per Minute |
|---|---|
| Developer | 60 |
| Agency | 60 |
| Business | 60 |
| Managed | 120 |
Rate Limit Headers
Every API response includes headers so you can monitor your usage programmatically:
| Header | Description |
|---|---|
| X-RateLimit-Limit-Month | Maximum requests allowed per month |
| X-RateLimit-Remaining-Month | Requests remaining this month |
| X-RateLimit-Reset-Month | Time until the monthly limit resets |
| X-RateLimit-Limit-Minute | Maximum requests allowed per minute |
| X-RateLimit-Remaining-Minute | Requests remaining this minute |
| X-RateLimit-Reset-Minute | Time until the per-minute limit resets |
If you have any questions about using the Update Brief API, or need help, please contact us. We are happy to help!
