Skip to content

Application Passwords

Fresh

Source: MainWP Application Passwords

WordPress-level credentials for HTTP Basic authentication, used by MCP Server and Abilities API.

Prerequisites

  • MainWP Dashboard administrator access
  • WordPress user account
  • HTTPS enabled on Dashboard domain

Create Application Password

  1. Navigate to Dashboard > API Access > Application Passwords
  2. Enter a descriptive name (e.g., Claude Desktop, Zapier, Internal Script)
  3. Copy the generated password immediately

One-Time Display

The full password is shown only once. Copy it before closing the dialog.

Test Authentication

bash
curl -u "USERNAME:APPLICATION_PASSWORD" \
  "https://your-dashboard.com/wp-json/wp-abilities/v1/abilities"

Comparison with API Keys

FeatureApplication PasswordsAPI Keys
Auth methodHTTP BasicBearer Token
Used byMCP Server, Abilities APIREST API v2
ScopeWordPress-levelMainWP-specific
RotationCreate new, revoke oldSame

Security Best Practices

  • Create separate credentials per tool
  • Revoke unused passwords regularly
  • Never share across systems
  • Use dedicated API users for production