Unified Media Upload Endpoint

Last updated: February 13, 2026

Route

POST/DELETE /wp-json/extrachill/v1/media

Purpose

Centralized image upload and management for all platform contexts. Handles upload, assignment, old image cleanup, and deletion across user avatars, artist profiles, link pages, and content embeds.

Permission

  • POST: Varies by context – some require logged-in user, artist contexts require ec_can_manage_artist()
  • DELETE: Same permission requirements as POST for the context

Supported Contexts

Contexttarget_idStorage LocationPermission
user_avataruser_idcustom_avatar_id user metaMust be own user
artist_profileartist_idArtist post thumbnailMust manage artist
artist_headerartist_id_artist_profile_header_image_id metaMust manage artist
link_page_backgroundartist_id_link_page_background_image_id metaMust manage artist
content_embedpost_id (optional)Attachment onlyAny logged-in user

POST Request (Upload)

bash
curl -X POST "http://site.local/wp-json/extrachill/v1/media" 
  -F "file=@/path/to/image.jpg" 
  -F "context=user_avatar" 
  -F "target_id=1"

Request Parameters

ParameterTypeRequiredNotes
contextstringYesUpload context (see supported contexts table)
target_idintegerRequired for most contextsEntity ID (user ID, artist ID, or post ID depending on context)
filefileYesImage file (JPG, PNG, GIF, WebP; max 5MB)

POST Response

json
{
  "attachment_id": 123,
  "url": "https://example.com/wp-content/uploads/2025/01/image.jpg",
  "context": "user_avatar",
  "target_id": 1
}

DELETE Request (Delete)

bash
curl -X DELETE "http://site.local/wp-json/extrachill/v1/media" 
  -H "Content-Type: application/json" 
  -d '{
    "context": "user_avatar",
    "target_id": 1
  }'

Request Parameters

ParameterTypeRequiredNotes
contextstringYesSame context used in POST
target_idintegerYesSame target ID as in POST

DELETE Response

json
{
  "deleted": true,
  "context": "user_avatar",
  "target_id": 1
}

Error Codes

CodeStatusDescription
missing_context400Context parameter is missing
invalid_context400Context is not recognized
missing_target_id400target_id is required for this context but missing
invalid_file400File is missing, too large, or invalid format
missing_permission403Current user doesn’t have permission for this context
invalid_target404Target entity (user, artist, post) not found
database_error500Failed to save image metadata

Implementation Notes

  • Files are validated before upload (JPG, PNG, GIF, WebP only; max 5MB)
  • Old images are automatically deleted when replaced (for POST requests)
  • Images are stored in WordPress media library
  • Metadata assignment varies by context (thumbnails, user meta, post meta, etc.)
  • DELETE removes both the meta assignment AND the attachment from media library
  • Permission checking uses context-appropriate functions (ec_can_manage_artist(), capability checks, etc.)

File Upload Validation

  • Allowed formats: JPG, JPEG, PNG, GIF, WebP
  • Maximum size: 5MB
  • MIME types: image/jpeg, image/png, image/gif, image/webp
  • GET/PUT /artists/{id} – Includes image URLs for artist profiles
  • GET/PUT /artists/{id}/links – Includes background image URL

Usage Examples

Upload User Avatar

bash
curl -X POST "http://site.local/wp-json/extrachill/v1/media" 
  -H "X-WP-Nonce: nonce_value" 
  -F "[email protected]" 
  -F "context=user_avatar" 
  -F "target_id=1"

Upload Artist Profile Image

bash
curl -X POST "http://site.local/wp-json/extrachill/v1/media" 
  -H "X-WP-Nonce: nonce_value" 
  -F "[email protected]" 
  -F "context=artist_profile" 
  -F "target_id=123"

Upload Link Page Background

bash
curl -X POST "http://site.local/wp-json/extrachill/v1/media" 
  -H "X-WP-Nonce: nonce_value" 
  -F "[email protected]" 
  -F "context=link_page_background" 
  -F "target_id=123"

Delete Avatar

bash
curl -X DELETE "http://site.local/wp-json/extrachill/v1/media" 
  -H "X-WP-Nonce: nonce_value" 
  -H "Content-Type: application/json" 
  -d '{
    "context": "user_avatar",
    "target_id": 1
  }'

Permission Details

user_avatar

  • Current user must match target_id
  • Cannot upload avatar for other users

Artist Contexts (artist_profile, artist_header, link_page_background)

  • Uses ec_can_manage_artist() permission check
  • User must be artist owner or admin
  • Artist with target_id must exist

content_embed

  • Any logged-in user can upload
  • Image stored in media library only (no meta assignment)
  • Optional target_id for context (e.g., post being edited)

Integration

This endpoint centralizes image management across the platform, eliminating duplicate upload logic in individual plugins. All image uploads should route through this endpoint.

More in Media

Artist Link Page Data Endpoint

Route GET/PUT /wp-json/extrachill/v1/artists/{id}/links Purpose Retrieve and update link page presentation data for an artist. This…

Image Voting Vote Count Endpoint

Route GET /wp-json/extrachill/v1/blog/image-voting/vote-count/{post_id}/{instance_id} Purpose Returns the latest vote tally for a specific Image Voting block…

SEO Audit Continue Endpoint

Continues a batch audit from where it left off. Endpoint POST /wp-json/extrachill/v1/seo/audit/continue Authentication Requires manage_network_options…

User Search

Search for users by username, email, or display name with context-aware responses. Supports both public…

All Extrachill Api Docs View all Media