Getting Started
The Writizzy public API lets you use your blog as a headless CMS. Pull your published content into any frontend, Next.js, Astro, a mobile app, or anything that can make an HTTP request, and push new content in programmatically.
What the API gives you
The v1 API has two sides: read your published content, and write to manage it from your own tools.
Read
| Resource | Description |
|---|---|
| Blog | Metadata, name, description, language, logo, navigation |
| Posts | Paginated list, or a single post by slug |
| Tags | All tags with metadata and post counts |
| Author | Public profile of the blog's author |
Write
| Action | Description |
|---|---|
| Create post | Add a new draft from a title and Markdown content |
| Update post | Patch any field of an existing post |
| Publish / unpublish | Toggle a post's visibility |
| Upload media | Push an image and get back a CDN URL |
Content is returned as raw Markdown, and write endpoints accept Markdown too, so you author and render with your own tooling.
For the full write guide, see Writing content.
Requirements
The public API is available on Starter plans and above. It is not available on the free plan. Both reading and writing require this, and access is checked on every request: if a blog downgrades below Starter, its keys stop working until it upgrades again.
Get your API keys
Keys are scoped to a single blog and to a single permission level:
- A read key can only read published content. It is safe to drop in a static-site build or CI, harmless if it leaks.
- A write key can read and write: create, update, publish, and upload media. Treat it like a password and keep it on the server side only.
A blog has at most one read key and one write key. To generate them:
- Open your Blog Settings from the dashboard
- Navigate to Developer API
- Generate the read key, the write key, or both
- Copy each key immediately, it is shown only once
Your keys look like this:
wz_yourblog_xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
Anyone with a read key can read all published content on your blog, including premium posts. Anyone with a write key can also publish and edit, so guard it carefully.
Revoking a key
To invalidate a key and issue a new one, click Revoke & regenerate on the matching key in the same settings panel. Generating a key again for a scope replaces the previous one of that scope. The old key stops working immediately.
Authenticate your requests
Pass the key as a Bearer token in the Authorization header on every request:
GET /v1/blogs/yourblog/posts
Authorization: Bearer wz_yourblog_xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
There is no OAuth flow, no token expiry, and no refresh step, just the key.
Your first request
Fetch the list of published posts on your blog:
curl https://writizzy.com/v1/blogs/yourblog/posts \
-H "Authorization: Bearer wz_yourblog_xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"
A successful response looks like:
{
"posts": [...],
"page": 0,
"limit": 20,
"total": 42,
"totalPages": 3
}
Error responses
All errors follow a consistent format:
{
"error": "NOT_FOUND",
"message": "Post not found",
"status": 404
}
| Status | Meaning |
|---|---|
401 | Missing or invalid API key |
403 | Key does not match this blog, write attempted with a read key, storage quota exceeded, or the blog's plan no longer includes the public API |
404 | Resource does not exist |
429 | Daily rate limit exceeded |
500 | Server error |
Rate limits
The API is designed for static site builds, you can fetch your entire blog in one pass.
| Limit | Value |
|---|---|
| Requests per day | 10,000 per key |
| Max posts per page | 1,000 (for builds) |
When the limit is exceeded you receive a 429 response with a Retry-After header.