Maxi AI Core gives AI agents structured, capability-checked access to your WordPress site. That power is worth protecting deliberately. This page outlines the main areas to address — transport, authentication, user scoping, credential management, and activity review — with links to deeper guidance for each.
Security checklist
Work through these items before going to production with any AI agent connection.
Serve your site over HTTPS
Your MCP endpoint transmits authentication credentials on every request. On an HTTP site, those credentials travel in cleartext and can be intercepted. HTTPS is required — not optional.
See Transport below.
Connect AI clients via OAuth or dedicated app passwords
Use OAuth 2.1 for public AI clients (ChatGPT, Claude Desktop, Cursor, Codex). For scripted or legacy clients, create a dedicated WordPress application password. Either way, avoid reusing your personal admin credentials for agent connections.
See Authentication and App passwords.
Create a separate WordPress user for each AI agent
Bind each agent to its own WordPress user with only the capabilities it actually needs. If one agent behaves unexpectedly, the damage is limited to what that user can do.
See User scoping.
Rotate AI provider API keys regularly
Keys older than 180 days are flagged as stale in maxi/list-provider-keys. Rotate them on a regular cadence and immediately after any suspected exposure.
See Credential management.
Review the audit log for unexpected activity
Every content mutation, license event, API key rotation, and OAuth token issuance is recorded. Query the log regularly to catch unexpected agent behavior or unauthorized access attempts.
See Audit log.
Transport
All outbound calls from Maxi AI Core to AI providers (OpenAI, Anthropic, OpenRouter, Replicate, BFL) are hardcoded to HTTPS. You need to do the same for your WordPress site itself. When your MCP endpoint runs over HTTP, the WordPress application password or OAuth Bearer token sent by the AI client on every request is exposed in cleartext to anyone on the network path. There is no in-plugin warning when your site runs on HTTP — this is something you need to verify yourself before connecting any AI client.
Authentication
The MCP endpoint supports two authentication methods. They coexist — choose whichever fits your client.
OAuth 2.1 (recommended)
Public AI clients connect by pasting your MCP URL and completing a browser consent flow. No manual token management. Access tokens are short-lived and rotate automatically.
Application passwords
Scripted or legacy clients use a WordPress application password with HTTP Basic authentication. Create one per agent user and rotate it when the agent relationship ends.
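Because the plugin does not warn when the site runs on HTTP, a scripted client can enforce the Transport rule itself before it ever builds the Basic header for an application password. The following is an added example, not code from Maxi AI Core; the endpoint URLs, user name, and password used with it are constructed placeholders, and the function names are hypothetical.

```python
import base64
from urllib.parse import urlsplit


class InsecureEndpointError(ValueError):
    """Raised when credentials would be sent to an unsafe MCP URL."""


def check_mcp_url(mcp_url: str) -> str:
    """Return the URL unchanged if it is safe to send credentials to."""
    parts = urlsplit(mcp_url)
    if parts.scheme != "https":
        # Covers http:// and scheme-less input such as "example.com/path".
        raise InsecureEndpointError(
            f"refusing {parts.scheme or 'scheme-less'} URL: "
            "credentials would travel in cleartext")
    if not parts.hostname:
        raise InsecureEndpointError("URL has no host")
    if parts.username or parts.password:
        # Credentials embedded in a URL end up in logs and proxy records.
        raise InsecureEndpointError("credentials must not be embedded in the URL")
    return mcp_url


def basic_auth_headers(mcp_url: str, agent_user: str, app_password: str) -> dict:
    """Build the HTTP Basic header only after the URL passes the check."""
    check_mcp_url(mcp_url)
    if ":" in agent_user:
        # RFC 7617: the user-id part of Basic credentials cannot contain ':'.
        raise ValueError("user name must not contain ':'")
    raw = f"{agent_user}:{app_password}".encode("utf-8")
    return {"Authorization": "Basic " + base64.b64encode(raw).decode("ascii")}


def safe_to_connect(mcp_url: str) -> bool:
    """Boolean form of the check, for auditing a list of configured URLs."""
    try:
        check_mcp_url(mcp_url)
        return True
    except InsecureEndpointError:
        return False
```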
User scoping
Every AI agent should connect as its own WordPress user with only the capabilities it actually needs. An agent that only reads content should not be connecting as an administrator.
User scoping guide
Learn which WordPress capabilities to assign for read-only, content, store, and admin agent patterns.
Credential management
AI provider API keys (OpenAI, Anthropic, OpenRouter, Replicate, BFL) are stored encrypted in WordPress. They are masked in all API responses and never returned in plaintext. You can view key status, rotate keys with live validation, and track rotation history.
Credential management guide
Learn how to set, view, rotate, and audit AI provider API keys.
Audit log
All significant actions are recorded in an append-only audit log: content mutations, license events, API key rotations, OAuth token lifecycle events, email sends, and data masking changes. You can query the log by category, event name, or timestamp using maxi/get-audit-events.
Audit log guide
Learn how to query the audit log and which events are recorded.