{"id":300297,"date":"2026-05-08T12:14:09","date_gmt":"2026-05-08T12:14:09","guid":{"rendered":"https:\/\/wordpress.org\/plugins\/mcp-manager\/"},"modified":"2026-05-08T12:20:27","modified_gmt":"2026-05-08T12:20:27","slug":"acrossai-mcp-manager","status":"publish","type":"plugin","link":"https:\/\/es-cr.wordpress.org\/plugins\/acrossai-mcp-manager\/","author":15295430,"comment_status":"closed","ping_status":"closed","template":"","meta":{"_crdt_document":"","version":"0.0.2","stable_tag":"0.0.2","tested":"7.0","requires":"6.9","requires_php":"8.0","requires_plugins":null,"header_name":"AcrossAI MCP Manager","header_author":"raftaar1191","header_description":"Enable\/Disable MCP Adapter Integration for WordPress","assets_banners_color":"","last_updated":"2026-05-08 12:20:27","external_support_url":"","external_repository_url":"","donate_link":"","header_plugin_uri":"https:\/\/acrossai.co\/","header_author_uri":"https:\/\/profiles.wordpress.org\/raftaar1191\/","rating":0,"author_block_rating":0,"active_installs":0,"downloads":57,"num_ratings":0,"support_threads":0,"support_threads_resolved":0,"author_block_count":0,"sections":["description","installation","faq","changelog"],"tags":{"0.0.1":{"tag":"0.0.1","author":"raftaar1191","date":"2026-05-08 12:13:51"},"0.0.2":{"tag":"0.0.2","author":"raftaar1191","date":"2026-05-08 12:20:27"}},"upgrade_notice":[],"ratings":[],"assets_icons":[],"assets_banners":[],"assets_blueprints":{},"all_blocks":[],"tagged_versions":["0.0.1","0.0.2"],"block_files":[],"assets_screenshots":[],"screenshots":{"1":"Settings page with client tabs for easy configuration","2":"Copy-paste ready JSON configuration","3":"One-click password generation","4":"Per-provider configuration file locations and top-level keys"},"jetpack_post_was_ever_published":false},"plugin_section":[],"plugin_tags":[2353,229563,222885,242115,254221],"plugin_category":[],"plugin_contributors":[140910],"plugin_business_model":[],"class_list":["post-300297","plugin","type-plugin","status-publish","hentry","plugin_tags-ai","plugin_tags-claude","plugin_tags-copilot","plugin_tags-mcp","plugin_tags-vscode","plugin_contributors-raftaar1191","plugin_committers-raftaar1191"],"banners":[],"icons":{"svg":false,"icon":"https:\/\/s.w.org\/plugins\/geopattern-icon\/acrossai-mcp-manager.svg","icon_2x":false,"generated":true},"screenshots":[],"raw_content":"<!--section=description-->\n<p>MCP Manager uses the standard <code>@automattic\/mcp-wordpress-remote@latest<\/code> package with WordPress Application Passwords for the default remote flow. It also includes an optional experimental direct Claude Connectors mode backed by a WordPress-hosted OAuth approval flow.<\/p>\n\n<p>MCP Manager is a WordPress plugin that enables seamless integration with Model Context Protocol (MCP) servers, allowing AI assistants and code editors to safely access your WordPress instance through secure application passwords.<\/p>\n\n<h4>Key Features<\/h4>\n\n<ul>\n<li><p><strong>Multi-Client Support<\/strong>: Configure MCP for:<\/p>\n\n<ul>\n<li>VS Code with Copilot<\/li>\n<li>Claude Desktop App<\/li>\n<li>GitHub Copilot &amp; Codex<\/li>\n<li>OpenAI ChatGPT Codex<\/li>\n<li>Custom MCP Clients<\/li>\n<\/ul><\/li>\n<li><p><strong>Secure Authentication<\/strong>: Uses WordPress native Application Passwords system<\/p>\n\n<ul>\n<li>One-click password generation<\/li>\n<li>Secure credential management<\/li>\n<li>Password revocation support<\/li>\n<li>Per-server Access Control still enforced after authentication<\/li>\n<\/ul><\/li>\n<li><p><strong>Easy Configuration<\/strong>:<\/p>\n\n<ul>\n<li>Copy-paste ready JSON configurations<\/li>\n<li>Per-provider configuration file paths<\/li>\n<li>Automatic top-level key detection<\/li>\n<\/ul><\/li>\n<li><p><strong>Format #1 Standard<\/strong>: Uses the Automattic-recommended MCP configuration format<\/p>\n\n<ul>\n<li>npx command execution<\/li>\n<li>@automattic\/mcp-wordpress-remote@latest package<\/li>\n<li>Full environment variable support<\/li>\n<\/ul><\/li>\n<\/ul>\n\n<h4>How It Works<\/h4>\n\n<ol>\n<li>Navigate to Settings \u2192 MCP Manager<\/li>\n<li>Select your MCP client (VS Code, Claude, GitHub Copilot, ChatGPT, or Custom)<\/li>\n<li>Click \"Generate New Application Password\"<\/li>\n<li>Copy the ready-to-use JSON configuration<\/li>\n<li>Paste into your client's configuration file<\/li>\n<li>Restart your MCP client<\/li>\n<\/ol>\n\n<p>All application passwords are managed through WordPress's native Application Passwords system and appear in your profile under Account Management.<\/p>\n\n<h4>CLI Connection and Authorization Flow<\/h4>\n\n<p>MCP Manager also supports a browser-assisted CLI connection flow for local MCP clients.<\/p>\n\n<p>Typical command:<\/p>\n\n<pre><code>npx -y @acrossai\/mcp-manager --siteurl=https:\/\/example.com --server=default-mcp-server\n<\/code><\/pre>\n\n<p>Flow summary:<\/p>\n\n<ol>\n<li>The CLI checks <code>\/wp-json\/acrossai-mcp-manager\/v1\/health<\/code><\/li>\n<li>The CLI starts auth with <code>\/wp-json\/acrossai-mcp-manager\/v1\/auth\/start<\/code><\/li>\n<li>WordPress returns an <code>auth_code<\/code> and frontend <code>auth_url<\/code><\/li>\n<li>The CLI opens the frontend approval page at <code>\/acrossai-mcp-manager\/<\/code><\/li>\n<li>If needed, the user signs in through normal WordPress login<\/li>\n<li>The signed-in user approves access in the browser<\/li>\n<li>The CLI polls <code>\/auth\/status<\/code> until the request is approved<\/li>\n<li>The CLI fetches the approved user's accessible servers from <code>\/servers<\/code><\/li>\n<li>The CLI exchanges the approved code at <code>\/auth\/exchange<\/code><\/li>\n<li>WordPress creates a one-time Application Password and the CLI writes the MCP client config<\/li>\n<\/ol>\n\n<p>Terminology:<\/p>\n\n<ul>\n<li><strong>Sign in \/ Log in<\/strong> = WordPress account authentication<\/li>\n<li><strong>Connect<\/strong> = starting the CLI-to-site linking flow<\/li>\n<li><strong>Authorize \/ Approve access<\/strong> = granting the CLI permission in the browser<\/li>\n<\/ul>\n\n<p>Important notes:<\/p>\n\n<ul>\n<li>The frontend authorization page must never be cached<\/li>\n<li>Auth codes are single-use<\/li>\n<li><code>\/servers<\/code> and <code>\/auth\/exchange<\/code> respect per-server access control<\/li>\n<li>User-facing copy should say <strong>CLI Connections<\/strong> rather than <strong>npm Login<\/strong><\/li>\n<li>Generated remote MCP configs use Application Passwords and explicitly disable OAuth discovery in <code>@automattic\/mcp-wordpress-remote<\/code><\/li>\n<\/ul>\n\n<h4>Experimental Direct Claude Connectors<\/h4>\n\n<p>An optional <strong>Claude Connectors Screen (Experimental)<\/strong> setting can enable a direct OAuth flow for Claude's hosted connectors.<\/p>\n\n<p>When the global feature toggle is enabled and a specific server is configured in its <strong>Claude Connector<\/strong> tab, the plugin exposes:<\/p>\n\n<ul>\n<li><code>\/.well-known\/oauth-authorization-server<\/code><\/li>\n<li><code>\/.well-known\/oauth-protected-resource?resource=&lt;mcp-url&gt;<\/code><\/li>\n<li><code>\/acrossai-mcp-connectors\/oauth\/authorize\/<\/code><\/li>\n<li><code>\/wp-json\/acrossai-mcp-manager\/v1\/connector\/oauth\/token<\/code><\/li>\n<\/ul>\n\n<p>Important notes:<\/p>\n\n<ul>\n<li>Disabled by default<\/li>\n<li>The Application Password flow remains available and supported<\/li>\n<li>The master experimental toggle is global, but OAuth client settings are stored per server<\/li>\n<li>Direct connector approval signs Claude in as a WordPress user<\/li>\n<li>Per-server Access Control still applies to every MCP request after OAuth<\/li>\n<li>Public HTTPS is recommended for hosted connector usage<\/li>\n<\/ul>\n\n<h4>Provider Configuration Paths<\/h4>\n\n<ul>\n<li><strong>VS Code<\/strong>: ~\/.config\/Code\/User\/globalStorage\/Copilot.copilot-chat\/mcp.json (top-level key: \"servers\")<\/li>\n<li><strong>Claude<\/strong>: ~\/Library\/Application Support\/Claude\/claude_desktop_config.json (top-level key: \"mcpServers\")<\/li>\n<li><strong>GitHub Copilot<\/strong>: ~\/.gh-copilot\/config.json (top-level key: \"servers\")<\/li>\n<li><strong>OpenAI ChatGPT<\/strong>: ~\/.config\/chatgpt\/config.json (top-level key: \"servers\")<\/li>\n<li><strong>Custom<\/strong>: .\/your-project\/.mcp\/config.json (top-level key: configurable)<\/li>\n<\/ul>\n\n<h4>Requirements<\/h4>\n\n<ul>\n<li>WordPress 5.9 or higher<\/li>\n<li>PHP 8.0 or higher<\/li>\n<li>WordPress Application Passwords support (built-in since WP 5.6)<\/li>\n<\/ul>\n\n<h3>Support &amp; Contribution<\/h3>\n\n<p>For issues, feature requests, or contributions, visit the plugin repository.<\/p>\n\n<p>Questions? Check the FAQ section or look for documentation in the plugin settings page.<\/p>\n\n<h3>Development<\/h3>\n\n<p>This plugin follows WordPress coding standards and best practices:\n- PHP 8.0+ compatible\n- Full object-oriented architecture\n- Secure nonce verification\n- Proper capability checks\n- Sanitized input validation\n- Escaped output<\/p>\n\n<h3>License<\/h3>\n\n<p>This plugin is licensed under the GPL-2.0-or-later license. See LICENSE file for details.<\/p>\n\n<h3>Credits<\/h3>\n\n<p>MCP Manager is built with:\n- WordPress native APIs\n- Automattic's MCP WordPress Remote package\n- WordPress Application Passwords system<\/p>\n\n<p>Developed with \u2764\ufe0f for the WordPress community.<\/p>\n\n<!--section=installation-->\n<ol>\n<li>Upload the plugin directory to <code>\/wp-content\/plugins\/<\/code><\/li>\n<li>Activate the plugin through the 'Plugins' menu in WordPress<\/li>\n<li>Navigate to Settings \u2192 MCP Manager to configure<\/li>\n<\/ol>\n\n<p>Or:<\/p>\n\n<ol>\n<li>Go to Admin \u2192 Plugins \u2192 Add New<\/li>\n<li>Search for \"MCP Manager\"<\/li>\n<li>Click \"Install Now\" then \"Activate\"<\/li>\n<\/ol>\n\n<!--section=faq-->\n<dl>\n<dt id=\"is%20my%20password%20secure%3F\"><h3>Is my password secure?<\/h3><\/dt>\n<dd><p>Yes! MCP Manager uses WordPress's native Application Passwords system. Each password is:\n- Generated using WordPress's secure methods\n- Associated with your user account\n- Visible in your profile for management\n- Revocable at any time<\/p><\/dd>\n<dt id=\"can%20i%20use%20this%20with%20multiple%20mcp%20clients%3F\"><h3>Can I use this with multiple MCP clients?<\/h3><\/dt>\n<dd><p>Yes! You can generate separate passwords for each client (VS Code, Claude, GitHub Copilot, ChatGPT, and any custom client).<\/p><\/dd>\n<dt id=\"where%20are%20my%20application%20passwords%20saved%3F\"><h3>Where are my application passwords saved?<\/h3><\/dt>\n<dd><p>All application passwords are managed through WordPress's native Application Passwords system. View and manage them at:\nUser Profile \u2192 Account Management \u2192 Application Passwords<\/p><\/dd>\n<dt id=\"what%20mcp%20clients%20are%20supported%3F\"><h3>What MCP clients are supported?<\/h3><\/dt>\n<dd><ul>\n<li>Visual Studio Code (with Copilot)<\/li>\n<li>Anthropic Claude Desktop App<\/li>\n<li>GitHub Copilot<\/li>\n<li>OpenAI ChatGPT Codex<\/li>\n<li>Any custom MCP client supporting the standard format<\/li>\n<\/ul><\/dd>\n<dt id=\"can%20i%20revoke%20a%20password%3F\"><h3>Can I revoke a password?<\/h3><\/dt>\n<dd><p>Yes! You can revoke any application password from your profile page under Account Management \u2192 Application Passwords.<\/p><\/dd>\n<dt id=\"is%20this%20compatible%20with%20multisite%3F\"><h3>Is this compatible with multisite?<\/h3><\/dt>\n<dd><p>Yes! MCP Manager works with WordPress multisite installations. Each site can be configured independently.<\/p><\/dd>\n<dt id=\"do%20i%20need%20to%20install%20additional%20software%3F\"><h3>Do I need to install additional software?<\/h3><\/dt>\n<dd><p>No additional software is needed on the WordPress side. Your MCP clients (VS Code extension, Claude app, etc.) handle the integration.<\/p><\/dd>\n\n<\/dl>\n\n<!--section=changelog-->\n<h4>0.0.2<\/h4>\n\n<ul>\n<li>Security: sanitize and validate all $_GET\/$_POST inputs with sanitize_key(), sanitize_text_field(), absint(), and wp_unslash()<\/li>\n<li>Paths: replace hardcoded ABSPATH with get_home_path() for correct subdirectory-install support<\/li>\n<li>Enqueue: remove all inline \/ blocks; move to external CSS\/JS files loaded via wp_enqueue_style() and wp_enqueue_script()<\/li>\n<\/ul>\n\n<h4>0.0.1<\/h4>\n\n<ul>\n<li>Initial release<\/li>\n<li>Support for VS Code, Claude, GitHub Copilot, ChatGPT Codex, and custom clients<\/li>\n<li>Format #1 (Automattic-recommended) MCP configuration<\/li>\n<li>Native WordPress Application Passwords integration<\/li>\n<li>Dynamic configuration generation per provider<\/li>\n<li>Full REST API support<\/li>\n<li>Admin UI with client tabs<\/li>\n<li>Copy-to-clipboard functionality<\/li>\n<\/ul>","raw_excerpt":"Connect WordPress to MCP clients like VS Code, Claude, and Copilot using secure application passwords.","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/es-cr.wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin\/300297","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/es-cr.wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin"}],"about":[{"href":"https:\/\/es-cr.wordpress.org\/plugins\/wp-json\/wp\/v2\/types\/plugin"}],"replies":[{"embeddable":true,"href":"https:\/\/es-cr.wordpress.org\/plugins\/wp-json\/wp\/v2\/comments?post=300297"}],"author":[{"embeddable":true,"href":"https:\/\/es-cr.wordpress.org\/plugins\/wp-json\/wporg\/v1\/users\/raftaar1191"}],"wp:attachment":[{"href":"https:\/\/es-cr.wordpress.org\/plugins\/wp-json\/wp\/v2\/media?parent=300297"}],"wp:term":[{"taxonomy":"plugin_section","embeddable":true,"href":"https:\/\/es-cr.wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin_section?post=300297"},{"taxonomy":"plugin_tags","embeddable":true,"href":"https:\/\/es-cr.wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin_tags?post=300297"},{"taxonomy":"plugin_category","embeddable":true,"href":"https:\/\/es-cr.wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin_category?post=300297"},{"taxonomy":"plugin_contributors","embeddable":true,"href":"https:\/\/es-cr.wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin_contributors?post=300297"},{"taxonomy":"plugin_business_model","embeddable":true,"href":"https:\/\/es-cr.wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin_business_model?post=300297"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}