Linux 软件免费装
Banner图

CoCart - Headless REST API for WooCommerce

开发者 sebd86
cocartforwc
ajayghaghretiya
skunkbad
sefid-par
mattdabell
joshuaiz
dmchale
JPPdesigns
inspiredagency
darkchris
mohib007
rozaliastoilova
ashtarcommunications
albertoabruzzo
jnz31
douglasjohnson
antondrob2
szepeviktor
更新时间 2026年7月13日 02:43
PHP版本: 8.2 及以上
WordPress版本: 7.0
版权: GPLv3
版权网址: 版权信息

标签

woocommerce cart rest-api headless decoupled

下载

4.0.1 2.7.0 2.7.1 2.7.2 2.7.3 2.7.4 3.5.0 2.8.0 3.11.2 3.1.0 3.0.17 3.0.16 4.3.8 4.8.1 4.3.9 4.3.2 3.7.1 3.10.7 3.10.8 3.7.10 3.7.6 3.0.3 2.9.0 4.6.3 2.9.2 3.1.2 3.0.5 3.0.6 3.0.2 3.0.7 3.0.8 2.9.3 3.0.12 3.0.13 3.0.14 3.0.9 3.4.1 2.8.2 3.0.15 3.0.4 4.3.20 4.8.4 4.3.3 4.3.5 3.8.1 2.8.1 2.8.3 2.9.1 3.2.0 3.4.0 3.0.1 3.0.11 3.1.1 3.3.0 3.6.0 3.6.2 3.0.10 3.6.1 3.6.3 4.0.0 4.3.11 4.3.12 2.8.4 3.7.7 3.7.0 4.8.3 3.12.0 4.0.2 4.2.1 4.3.14 4.3.4 4.3.6 4.3.7 3.7.4 3.8.0 4.3.10 4.3.13 3.10.4 3.10.6 3.7.2 3.10.2 3.10.0 3.9.0 3.10.1 3.0.0 3.10.3 3.7.8 3.8.2 3.10.5 3.7.11 3.7.3 3.10.9 3.11.0 3.11.1 3.7.5 3.7.9 4.7.0 4.1.1 4.2.0 4.2.2 4.3.0 4.3.1 4.3.16 4.3.21 4.3.17 4.3.15 4.3.18 4.3.22 4.3.23 4.6.4 4.1.0 4.3.24 4.3.25 4.3.27 4.3.28 4.3.29 4.3.30 4.4.0 4.3.19 4.3.26 4.5.0 4.6.0 4.6.1 4.6.2 4.8.0 4.8.2 4.9.0

详情介绍:

You’ve chosen WooCommerce for your store. Now you want a modern frontend — React, Next.js, Astro, Vue — without being locked into WordPress themes. That’s exactly what CoCart is built for. CoCart gives WooCommerce a proper frontend REST API: cookie-less session management built for stateless frontends, authentication that makes sense, and CORS support built-in. Cart sessions, authentication, and product data. Scale up when you're ready. In active development since 2018, with a ★4.9/5 rating from the developers who build headless stores with it every day. Features | Why CoCart? | Free vs. CoCart Plus | SDKs & Tools | Support | Docs 🚀 Make your first API call in 2 minutes Install CoCart and you're immediately ready to call the API — no setup required: curl -X POST https://your-store.com/wp-json/cocart/v2/cart/add-item \ -H "Content-Type: application/json" \ -d '{"id": "123", "quantity": 1}' Want to explore before installing? Try a free sandbox → See the full API reference → 💬 Loved by 1,000+ developers worldwide Rated ★★★★★ 4.9/5 on WordPress.org. ★★★★★
"An excellent plugin, which makes building a headless WooCommerce experience a breeze. Easy to use, nearly zero setup time." — Harald Schneider ★★★★★ "This plugin works great out of the box for adding products to the cart via API. The code is solid and functionality is as expected, thanks Sebastien!" — Scott Bolinger, Creator of Holler Box ★★★★★ "Thanks for doing such great work with this! Works exactly as expected and CoCart seems to have a nice community around it. The founder seems really devoted and that’s one of the key things for a plugin like this to live on and get the right updates in the future. We just got ourselves the lifetime subscription." — Mighty Group Agency See our full wall of love for more developer testimonials.
Why CoCart? WooCommerce’s Store API can be used headless, but it was designed for the Gutenberg block editor ecosystem. Its session model relies on nonces passed via response headers — suited for anonymous single-session shoppers, but the nonce is tied to WordPress's nonce lifecycle and less straightforward to persist across sessions or devices. CoCart is purpose-built for headless from day one: cart sessions identified by a persistent key — no nonces, no cookies — a single unified endpoint set for both product and cart data, and authentication for customers that supports any shop requirement. Features 🚀 Session management that works 🛒 Essential cart operations 💻 Developer experience, done right 🎯 Battle-tested Who builds with CoCart? Frontend developers shipping storefronts in Next.js, React, Vue, Nuxt, Astro, Svelte, or Remix — keep WooCommerce as the commerce engine and own the entire frontend experience, from server components to fully static builds. Mobile app developers building shopping apps in React Native, Flutter, Swift, or Kotlin — the same cart key works across devices, so a customer can start a cart on their phone and finish on the web. Agencies delivering high-performance client storefronts — reuse one proven commerce backend across projects while every client gets a custom frontend, free of WordPress theme constraints. Product teams going beyond the browser — progressive web apps with persistent carts, in-store kiosks, point-of-sale screens, even chat and voice commerce. Anywhere a customer can shop, CoCart can serve the cart. Free vs. CoCart Plus The free community version handles everything a headless cart needs: sessions, auth, CORS, cart operations, and product queries. It is actively maintained with security updates. New features ship in CoCart Plus. When you’re ready to build a complete headless storefront — with coupons, shipping, fees, rate limiting, and checkout — Plus has you covered: View CoCart Plus features and pricing → 👍 Add-ons Free add-ons that extend the core: SDKs & Tools Official SDKs — authentication, session management, and cart operations out of the box:
More are also in development and look forward to your feedback.
Developer tools: Need Support? Free users: Post in the WordPress support forum or join the CoCart Discord community — a growing group of developers, agencies, and shop owners building headless stores together. CoCart Plus customers receive priority support with faster response times. Join the community on Discord → More Information 💯 Credits Developed and maintained by Sébastien Dumont Founder of CoCart Headless, LLC.

安装:

Minimum Requirements Recommended Requirements Automatic installation Automatic installation is the easiest option as WordPress handles the file transfers itself and you don’t need to leave your web browser. To do an automatic install of CoCart, log in to your WordPress dashboard, navigate to the Plugins menu and click Add New. In the search field type "CoCart" and click Search Plugins. Once you’ve found the plugin you can view details about it such as the point release, rating, and description. Most importantly of course, you can install it by simply clicking "Install Now". Manual installation The manual installation method involves downloading the plugin and uploading it to your web server via your favorite FTP application. The WordPress codex contains instructions on how to do this here. Upgrading Review the changelog before upgrading. CoCart follows Semver — MAJOR versions may contain breaking API changes.

屏幕截图:

  • Settings page — configure CORS, authentication, sessions, and features without touching code.
  • Integrations page — control which supported third-party plugins load during CoCart requests.

升级注意事项:

4.9.0 PHP version 8.2 is the minimum requirement to install and use CoCart.

常见问题:

Who is CoCart for?

Developers building headless or decoupled WooCommerce storefronts. If you can make HTTP requests and read JSON, you’re ready. No WordPress development experience required — CoCart abstracts the complexity and gives you clean, predictable API responses. Perfect for:

  • Frontend developers building with React, Next.js, Astro, Vue, or any modern framework
  • Agencies creating high-performance client storefronts
  • Mobile app developers who need a reliable eCommerce API

How do I get started?

Install WooCommerce and configure your store, then install and activate CoCart. You’re immediately ready to call the API — no additional setup required. Check the installation section for requirements, then follow the API reference to start building.

What happens to the free community version if I don’t upgrade?

Nothing. The free community stays fully functional. It covers sessions, authentication, CORS, cart operations, and product queries — everything you need to build a working headless cart. CoCart Plus adds advanced features like coupons, shipping, fees, and rate limiting for when you need them.

Is my store or customer data sent to CoCart’s servers?

No. CoCart runs entirely on your WordPress server. No customer data, cart contents, or store information is ever sent to CoCart’s servers. The plugin collects no analytics without your consent. Full privacy policy →

Will my existing WooCommerce plugins still work?

Plugins that modify backend functionality — payment gateways, shipping, tax, inventory — continue to work. Plugins that only modify the PHP frontend (themes, shortcodes, widgets) won’t apply to the REST API layer, which is expected in a headless setup.

Why use CoCart instead of WooCommerce’s Store API?

WooCommerce’s Store API can be used headless, but it was designed for the Gutenberg block editor ecosystem. Its session model relies on nonces passed via response headers — suited for anonymous single-session shoppers, but tied to WordPress’s nonce lifecycle and less straightforward to persist across sessions or devices. CoCart is purpose-built for headless: cart sessions identified by a persistent key and authentication that supports any shop requirement.

Why does CoCart use a custom session handler?

Headless storefronts are stateless by nature — there’s no browser session to rely on, and concurrent requests are common. CoCart’s session handler is cookie-less, database-stored, and safe for concurrent requests, with full support for both guest and authenticated customers from day one.

Can I run WordPress on one domain and my storefront on another?

Yes — that’s the primary use case CoCart is built for. Enable CORS via the free CORS add-on or manually via the filter documented here.

Can I call other WordPress or WooCommerce APIs alongside CoCart?

Yes. CoCart doesn’t block or replace any other API. Once authenticated, your frontend can access CoCart endpoints, WooCommerce endpoints, and any custom endpoints you’ve built — all at the same time.

Can CoCart support SSO?

CoCart does not implement SSO itself — it authenticates customers against WordPress user accounts using Basic Auth or JWT (via add-on). It does not natively speak SAML, OAuth 2.0, or OIDC. That said, CoCart can work alongside SSO in a headless setup. The typical pattern is:

  1. Your identity provider (Google, Okta, Auth0, etc.) authenticates the user via your frontend.
  2. A WordPress SSO plugin (e.g. one handling OAuth 2.0 or SAML) creates or matches a WordPress user account for that identity.
  3. Your frontend then authenticates with CoCart using Basic Auth or JWT as that WordPress user.
The SSO layer handles identity; CoCart handles the commerce session from that point on. Whether this works smoothly depends on how your chosen SSO plugin manages WordPress user creation and session state — that part is outside CoCart's scope.

Does CoCart work on multisite?

Yes. Install and activate CoCart on each site where you want to use it.

Can I change the format of API responses?

Yes — there are 180+ filters available to customize responses, add fields, or remove data you don’t need.

Is "WooCommerce Shipping and Tax" plugin supported?

No — it restricts tax calculation to WooCommerce Blocks and Jetpack only. We don’t recommend it for headless setups. TaxJar for WooCommerce (v3.2.5+) is supported.

Does CoCart work with caching plugins like LiteSpeed or WP Rocket?

Yes. CoCart automatically excludes its API endpoints from page caching, so caching plugins won't interfere with cart sessions or API responses. LiteSpeed Cache is explicitly supported out of the box. Though, some hosts may require manual configuration to exclude CoCart API endpoints.

How are cart sessions identified without cookies?

Each cart is assigned a unique cart key, which your frontend passes as a request header or query parameter on subsequent API calls. This makes sessions fully stateless and safe for concurrent requests — no cookies, no session conflicts. See the session documentation for implementation details.

Is there a hosted version, or does it run on my server?

CoCart runs entirely on your WordPress server — there's no external service, no cloud dependency, and no data leaving your environment. You own your stack.

Where can I report bugs?

On the CoCart GitHub repository or in the #bug-report channel of the Discord community. Search first to avoid duplicates.

Where can I find more answers?

Check the full FAQ on cocartapi.com or browse the documentation.

更新日志:

CoCart is open source and community-driven. Every release is tested, maintained, and published here on WordPress.org. Need more power? CoCart Plus unlocks advanced features and priority support. v4.9.0 - July 12th, 2026 What's New?
[!IMPORTANT] PHP version 8.2 is the minimum requirement to install and use CoCart. PHP 7.4, 8.0, and 8.1 are all past end-of-life/security support so to help manage development resources to maintain CoCart, it will no longer be tested on these versions. Running CoCart on PHP 8.2 not only ensures you are secure but it also improves the performance of the CoCart API. Thank you for your understanding.
Settings show a locked state when controlled by an external filter with a link providing information as to what and where.
Bug Fixes PHP 8.2+ Fixes Change
Dev note: You will still be warned "Keeping sessions for longer than X days can cause performance issues and larger session tables."
Improvements Breaking Changes Developers Deprecation's Compatibility v4.8.4 - 21st April, 2026 Bug Fixes Compatibility v4.8.3 - 26th January, 2026 Bug Fixes Changes v4.8.2 - 20th January, 2026 Improvements Compatibility v4.8.1 - 24th November, 2025 Bug Fixes Improvements Compatibility v4.8.0 - 22nd September, 2025 What's New? Improvements Developers Compatibility v4.7.0 - 8th August, 2025 What's New? Improvements v4.6.4 - 6th August, 2025 Bug Fixes Improvements Deprecated v4.6.3 - 27th July, 2025 Bug Fix v4.6.2 - 25th July, 2025 Bug Fix
WooCommerce v10 caused a cache issue due to a change in the many times session data is handled.
Improvements
Developer note: Cart cache allows for items with custom pricing to be calculated on the native site and not just via the REST API to keep consistent with calculations.
Requirements Compatibility v4.6.1 - 21st July, 2025 Bug Fixes Compatibility v4.6.0 - 26th June, 2025 This release is a compatibility release for the next WooCommerce release. What's new? Changes Improvements Compatibility v4.5.0 - 31st May, 2025 This release will most likely be the last update released on the WordPress plugin directory with anything NEW added. What's New? Bug Fix Plugin Details Compatibility v4.4.0 - 16th May, 2025 This release focuses on supporting such tools like ManageWP, MainWP, Blogvault etc. Changes
Note: The session expiration's can still be filtered back to the previous values but that would mean it would match the expiration for logged in users.
Third Party Support Developers Internal Deprecations v4.3.30 - 27th April, 2025 Bug Fix Improvement Compatibility v4.3.29 - 10th April, 2025 Bug Fix Improvements
Dev note: Meaning if you have requested that the customer provides the shipping address first before shipping is calculated, then no shipping methods will return until it's provided.
Compatibility v4.3.28 - 6th April, 2025 Bug Fix v4.3.27 - 3rd April, 2025 Bug Fix v4.3.26 - 1st April, 2025 Bug Fix Improvements Requirement change v4.3.25 - 17th March, 2025 Bug Fixes v4.3.24 - 10th March, 2025 Bug Fix Improvements v4.3.23 - 3rd March, 2025 Bug Fixes Improvements
Dev note: This affects only new guest sessions.
Compatibility v4.3.22 - 26th February, 2025 Corrections For Developers
Developer note: This allows you to then alter values such as the billing country. See example.
` add_filter( 'cocart_get_customer_billing_country', function( $value ) { if ( WC()->countries->country_exists( $value ) ) { return WC()->countries->get_countries()[ $value ]; } return $value; }, 10, 1); * Introduced new filtercocart_get_after_customer_{field-type}_fieldsthat allows you to change the customer fields after they returned. Replace{field-type}with eitherbillingorshipping` for the fields to alter. v4.3.21 - 20th February, 2025 Improvement v4.3.20 - 8th February, 2025 Bug Fix v4.3.19 - 6th February, 2025 Bug Fix v4.3.18 - 22nd January, 2025 General Compatibility v4.3.17 - 14th January, 2025 Bug Fix Improvements Compatibility View the full changelog here.