Talk about a lot of wrong information. It took me awhile to work my way through the out-of-the-box REST API that comes with WordPress by default. If you activate the REST API, you need to add a plug-in that forces authentication for access to the REST API. Once you have done that, you need to set up an account / password to use it. Once complete, you should be able to see the difference from a browser. Type in something like - https://<your web site>/wp-json/wp/v2/posts?per_page=100 and you would get back 100 posts in JSON format. Once you turn on authentication - you get back an error. Its an easy way to test to see if your site is protected.
You can also use Postman - www.postman.com which lets you test API calls and find out what they want in order to use them. My backend is all in C# and runs on a completely separate server, most of the examples you will find are for WordPress plugins. Also note that the REST API for WordPress.ORG is different than the one for WordPress.COM.
You can also use Postman - www.postman.com which lets you test API calls and find out what they want in order to use them. My backend is all in C# and runs on a completely separate server, most of the examples you will find are for WordPress plugins. Also note that the REST API for WordPress.ORG is different than the one for WordPress.COM.