wp_create_application_password
Generate application passwords for WordPress users to enable secure API access for external applications, managing authentication credentials programmatically.
Instructions
Creates a new application password for a user.
Input Schema
TableJSON Schema
| Name | Required | Description | Default |
|---|---|---|---|
| site | No | The ID of the WordPress site to target (from mcp-wordpress.config.json). Required if multiple sites are configured. | |
| user_id | Yes | The ID of the user to create the password for. | |
| app_name | Yes | The name of the application this password is for. |
Implementation Reference
- src/tools/site.ts:95-113 (registration)Tool registration and schema definition in SiteTools.getTools() array. Specifies name, description, input parameters (user_id: number required, app_name: string required), and binds the handler function.
{ name: "wp_create_application_password", description: "Creates a new application password for a user.", parameters: [ { name: "user_id", type: "number", required: true, description: "The ID of the user to create the password for.", }, { name: "app_name", type: "string", required: true, description: "The name of the application this password is for.", }, ], handler: this.handleCreateApplicationPassword.bind(this), }, - src/tools/site.ts:243-259 (handler)The primary handler function that implements the tool logic. Parses parameters, invokes WordPressClient.createApplicationPassword(), formats a user-friendly response with the generated password (shown only once), and handles errors.
public async handleCreateApplicationPassword( client: WordPressClient, params: Record<string, unknown>, ): Promise<unknown> { try { const { user_id, app_name } = params as { user_id: number; app_name: string }; const result = await client.createApplicationPassword(user_id, app_name); const content = "✅ **Application password created successfully!**\n\n" + `**Name:** ${result.name}\n` + `**Password:** \`${result.password}\`\n\n` + "**IMPORTANT:** This password is shown only once. Please save it securely."; return content; } catch (_error) { throw new Error(`Failed to create application password: ${getErrorMessage(_error)}`); } } - src/client/operations/site.ts:60-68 (helper)Low-level implementation in SiteOperations that performs the actual WP REST API POST request to /users/{userId}/application-passwords with {name, app_id?} payload.
async createApplicationPassword( userId: number | "me", name: string, appId?: string, ): Promise<WordPressApplicationPassword> { const data: Record<string, unknown> = { name }; if (appId) data.app_id = appId; return this.client.post<WordPressApplicationPassword>(`users/${userId}/application-passwords`, data); } - src/client/api.ts:1094-1100 (helper)Proxy method in WordPressClient that delegates to SiteOperations.createApplicationPassword.
async createApplicationPassword( userId: number | "me", name: string, appId?: string, ): Promise<WordPressApplicationPassword> { return this.siteOps.createApplicationPassword(userId, name, appId); }