Royal MCP – Secure AI Connector for Claude, ChatGPT & Gemini

Model Context Protocol (MCP) is an open standard created by Anthropic that lets AI assistants interact with external data sources. Without MCP, AI tools like Claude or ChatGPT can only work with content you copy and paste into them. With Royal MCP installed, these AI platforms can directly read your WordPress posts, create new content, manage your WooCommerce products, check your security status, and trigger backups — all through a structured, authenticated protocol.

Security. Most MCP plugins — and 41% of all public MCP servers — have no authentication at all. Royal MCP requires an API key for every session, rate-limits requests to prevent abuse, logs every interaction for audit purposes, and filters sensitive data (emails, PHP version, admin credentials) from responses. We built this plugin with the same security standards we apply to GuardPress, our WordPress security plugin used on thousands of sites.

No. WordPress 6.9 added the Abilities API — a primitive for registering AI-callable functions — and the wordpress/mcp-adapter package bridges abilities to the MCP protocol. Royal MCP is a full MCP server with the security layer, connector flows, and plugin integrations that the bare primitive does not include: enforced API key auth, OAuth 2.0 for Claude Desktop, per-IP rate limiting, audit logging, sensitive-data redaction, 67 ready-to-use WordPress core tools, and 59 integration tools that auto-load for WooCommerce, GuardPress, SiteVault, ForgeCache, Royal Ledger, Royal Links, Elementor, and Advanced Custom Fields.

Yes. When WooCommerce is active, Royal MCP automatically adds 26 MCP tools spanning product management (simple and variable, including variation CRUD and global attribute management), full coupon management (list/get/create/update/delete + bulk trash purge), order management (view, update status), customer data, and store statistics. No additional configuration is needed — the tools appear automatically in the MCP tools list.

Yes, with safety controls. Royal MCP exposes two tools for plugin configuration:

• wp_get_plugin_settings lets AI read any plugin's stored settings by slug. Sensitive values (API keys, secrets, tokens, passwords, license keys, OAuth credentials) are automatically replaced with [REDACTED] before they leave your server, so AI assistants can understand a plugin's configuration without ever seeing stored credentials.
• wp_update_option lets AI write to WordPress options, but only after passing three security gates:
• The site admin must enable the "Allow AI to write WordPress options" toggle on the Royal MCP settings page (off by default)
• The option name must be in a runtime allowlist. The default allowlist is intentionally tiny — blogname, blogdescription, posts_per_page, date_format, time_format. Plugin authors opt their own settings in via the royal_mcp_writable_options filter.
• A hard denylist permanently blocks writes to sensitive option names (siteurl, home, license keys, secrets, salts, etc.) regardless of the allowlist or the toggle.

Install Royal MCP, go to Royal MCP → Settings, and copy your API key and MCP server URL. In Claude Desktop, add a new MCP server configuration with the URL and include the X-Royal-MCP-API-Key header with your API key. Full step-by-step guide at royalplugins.com/support/royal-mcp/. If the connection fails, see the next FAQ.

About 90% of "can't connect" / "OAuth failed" / "tools missing" issues resolve in a basic 4-step pass before any host-specific fix is needed. In order: (1) update Royal MCP to the latest version (every recent release fixes meaningful OAuth edge cases), (2) run a conflict test — deactivate all other plugins, switch to a default theme like Twenty Twenty-Five, and purge every cache layer (any cache plugin, your host's server-level cache, Cloudflare/CDN, and browser cache), (3) wipe stale OAuth state — use the Reset OAuth State button in Royal MCP → Settings if you're on 1.4.17 or newer, or run the four DELETE SQL queries documented in our support article, (4) check Royal MCP → Activity Logs for the most recent oauth: row, which records exactly which validation rule fired. Full walk-through with copy-pasteable commands at royalplugins.com/support/royal-mcp/troubleshooting-start-here.html. Only proceed to host-specific fixes (Cloudflare AI Bots toggle, SiteGround /.well-known/ static files, edge-cache exclusions) after the four basics are ruled out — most "advanced infrastructure" tickets we receive actually resolve in those four steps.

When you restore from backup, the OAuth client credentials Claude was holding no longer match anything on the WordPress side, so Claude's connector ends up with a stale token that no Royal MCP installation will accept. The fix in Royal MCP 1.4.17+ is one click: go to Royal MCP → Settings and click the Reset OAuth State button. This wipes all stale OAuth clients, issued access/refresh tokens, and pending authorization codes. Then in Claude, delete the existing connector entirely, wait 30 seconds, and re-add it from scratch — the full OAuth flow runs fresh against the cleaned-up state and the connection works. On 1.4.16 or older the same effect can be achieved by running four DELETE SQL queries documented at royalplugins.com/support/royal-mcp/troubleshooting-start-here.html. The plugin's settings, API key, and Activity Log are not affected by Reset OAuth State — only the OAuth handshake state.

By design, Royal MCP's OAuth endpoints (/register, /token, /authorize) are registered as top-level WordPress rewrite rules at the site root, not as REST API routes under /wp-json/royal-mcp/v1/. This is required by the OAuth 2.0 specification (RFC 6749) and the MCP discovery specs (RFC 8414 and RFC 9728), which mandate predictable site-root paths so OAuth-discovery-aware clients can find them without per-plugin configuration. If you're auditing rewrite rules instead of REST routes, you can see ours via wp rewrite list | grep royal_mcp_oauth from WP-CLI. The /wp-json/royal-mcp/v1/ namespace contains the JSON-RPC tool endpoint at /mcp plus supporting REST routes (/posts, /pages, /site, etc.) — but not the OAuth handshake endpoints themselves. Both routing layers are normal and both need to be reachable for the connector to work end-to-end.

Royal MCP is designed with defense in depth. API key authentication is required for all MCP sessions. Rate limiting prevents abuse (60 requests per minute per IP). Activity logging records every tool call. Sensitive data is filtered — user emails, usernames, admin email, PHP version, and stored credentials inside plugin settings (api keys, secrets, tokens, passwords) are never exposed through MCP. Comment creation respects your WordPress moderation settings. Post meta values are sanitized before storage. Option writes are disabled by default and gated by three independent checks (admin toggle, allowlist, hard denylist) when enabled. The plugin itself starts disabled by default — nothing is accessible until you explicitly enable it.

Yes. Royal MCP supports Ollama and LM Studio for fully local AI inference. When using local models, no data leaves your server — the AI model runs on your own hardware and communicates with WordPress through the MCP protocol on localhost.

Royal MCP performs a clean uninstall. All plugin options, database tables (activity logs), transients, and user meta are removed. No orphaned data is left behind.

Yes. Any MCP-compliant client can connect to Royal MCP. Configure your IDE or client with the MCP server URL (https://yoursite.com/wp-json/royal-mcp/v1/mcp) and the API key (sent in the X-Royal-MCP-API-Key header). Claude Desktop additionally supports the native "Add Connector" OAuth 2.0 flow, which Royal MCP handles via Dynamic Client Registration (RFC 7591) — no manual API key management required on that path. The same OAuth flow works in any client that follows the MCP 2025-11-25 spec.

Yes. Royal MCP exposes WordPress's standard wp_get_post_meta, wp_update_post_meta, and wp_delete_post_meta tools, which read and write any custom field — including Advanced Custom Fields (ACF), MetaBox, JetEngine, Pods, CPT UI, and Custom Field Suite. AI agents can populate ACF fields, set repeater rows, update flexible content blocks, and read computed fields just like a human editor working in the WordPress admin.

No. The MCP endpoint is a REST route that runs only when an authenticated AI client makes a request — it does not run on visitor-facing pages, frontend templates, or admin screens (except its own settings page). The activity log uses a single indexed database table and writes asynchronously after the response is sent. Rate limiting (60 requests/minute per IP) prevents accidental overload.

Yes, on a per-site basis. Each site in a multisite network has its own API key, its own activity log, and its own settings. AI clients connect to a specific site's MCP endpoint — Royal MCP does not bridge requests between sites in the network.

Yes. The wp_get_posts and wp_create_post tools accept a post_type parameter and validate it against registered public post types, so private or internal post types are not exposed. Plugin authors can disable specific tools entirely with the royal_mcp_disabled_tools filter, or scope the option-write allowlist with royal_mcp_writable_options. WordPress's standard capability checks also apply to every tool call.

Yes. Translated posts appear as separate WordPress posts (each with its own ID and language meta) and are readable or writable via the standard wp_get_posts, wp_create_post, and wp_update_post tools. AI agents can list posts in a specific language by filtering on the language meta key, or translate a post and write the corresponding translation by ID.

Every authenticated MCP request is logged to the Royal MCP activity log with timestamp, client IP, tool name, parameters (sensitive values redacted), and response status. The log is filterable by time range, client, tool, or status code, and exportable to CSV. The log page refreshes via AJAX so you can watch active sessions in real time.