An MCP server works as a structured API-like interface for AI models: the client (such as the Claude app) connects to the server, which exposes a set of endpoints declaring available tools and functions. This enables the model to perform actions like querying, updating, or managing your WordPress content.

You have two main approaches:

• Using your WordPress as the MCP server: Claude connects to your WordPress site and gains capabilities based on what is exposed through AI Engine.
• Using Claude inside AI Engine: Here, Claude becomes the internal model in AI Engine, and it can connect to a remote MCP server (another site, for example).

WordPress MCP Server

This will allow MCP-compatible application (like ChatGPT and Claude desktop/web app) to connect to your server, fetch all the tools available via AI Engine, and interact with your site by querying these different tools.

First, go to AI Engine settings, and under the MCP section make sure to enable the MCP option, as this will be like enabling the REST API but for AI applications. You can also set a Bearer token, which is an authentication token that you need to keep secret, otherwise anyone could potentially interact with your server.

Using MCP no longer requires the use of SSE, which makes the process much more reliable and easier to set up.

Then you can select all the different “endpoints” (or “tools” if your prefer) that the MCP server will expose. Go to the MCP Features section and select the ones you need. You will see all of them listed there with details about what they do.

Discover all the already available tools exposed through the AI Engine MPC:

AI Engine Free

Core WordPress MCP

• Content Management: Create, update, delete posts and pages with full control over titles, content, status, categories, and tags.
• Comment Moderation: View, create, update, and delete comments.
• User Management: Create users, update profiles, and manage roles.
• Media Library: Upload images, manage attachments, and set featured images.
• Taxonomies: Create and manage categories, tags, and custom taxonomies.
• Settings: Update WordPress options and configurations.
• Vision Analysis: Analyze images using AI vision capabilities.

Key Operations: 36 tools covering all core WordPress functionality with proper read/write separation.

Dynamic REST (Raw API Access)

Provides direct access to WordPress’s native REST API endpoints for generic operations — useful for developers who prefer working with standard REST structures.

AI Engine Pro ✨

Plugins MCP

• Plugin Discovery: List and search installed plugins.
• Plugin Lifecycle: Install, activate, deactivate, update, and delete plugins.
• Code Management: Read, create, edit, and delete plugin files.
• Advanced Features: Fork plugins to create custom versions.
• File Operations: Full access to plugin directory structure.

Key Operations: Complete plugin management, from installation to code-level modification.

Themes MCP

• Theme Management: List, install, activate, and delete themes.
• Customization: Read and modify theme files (PHP, CSS, JS).
• Theme Development: Fork existing themes to create custom versions.
• File Operations: Create, edit, and delete theme files.
• Asset Management: Handle theme assets and templates.

Key Operations: Full theme lifecycle management including code-level customization.

Any plugin that is compatible with AI Engine MCP and exposes some MCP tools will add those tools for the connected AI application. For instance, if you have SEO Engine installed, Claude or ChatGPT will be able to run SEO-specific processes like scanning your posts for SEO, getting their score, metrics, and more.

If you are a developer, you can build new tools or make your already existing plugin compatible with MCP without doing all the hard work yourself, you can do it through AI Engine by reading this documentation.

You are now ready to control your site through an AI application, follow the article for the service you want:

• ChatGPT – Easiest to set up, direct connection.
• Claude – Needs a bridge (CLI configuration) between your server and Claude to function.
• Claude Code – Control your WordPress site directly from your console terminal.

AI Engine vs. Automattic’s Implementation

Automattic’s Dynamic REST approach exposes WordPress’s REST API through MCP, but it’s complex and not very AI-friendly. It uses verbose data structures, requires technical setup, and lacks context about what’s safe or destructive — making errors more likely. In contrast, AI Engine’s Optimized Tools are built for AI from the ground up, using simple function-like commands, clear parameters, and concise responses. They include smart annotations for safety, advanced features like plugin editing and theme forking, and deliver faster, more efficient, and easier-to-understand interactions for both users and AI assistants.

MCP Orchestration

This will allow your chatbot in AI Engine to query distant MCP servers to run tools outside of your current WordPress environment and use the results in chat. You can think of it as using Function Calling but remotely with tool already made by third party providers.

As you can make your own server an MCP server by reading the above section, you can indeed connect your own site’s MCP server to your chatbot, or connect a different WordPress site to the current one.

First, go to the Dashboard of AI Engine and under the Server module enable the Orchestration option. This will allow you to go into Settings under a new section called “Orchestration.”

Now you will need to prepare your MCP server to register it on AI Engine. For the sake of this tutorial, we will use a free and no-authentication remote MCP server, but in your case, you might need to self-host your MCP server on a distant server or register and configure it from a third-party service.

Remember you don’t have to code anything, this is like function calling but the tools are already made for you and exposed like an API for your chatbot. If you are still hesitating about whether you should go with Function Calling or MCP you can read this documentation.

Let’s use https://remote.mcpservers.org/fetch/mcp to test this out. This is an open MCP server that provides web content fetching capabilities. This server enables LLMs to retrieve and process content from web pages, converting HTML to markdown for easier consumption.

Now we can select this server under the MCP Servers section of our chatbot settings, and the tools will be fetched from the server and declared as tools just like Function Calling.

If you don’t see the “MCP Servers” section, it could be because you haven’t selected a compatible AI model. Make sure you are not using “Default” or “None” and have actually selected a model, and ensure it is either an OpenAI or Anthropic model, as not all models are compatible with MCP.

Manage MCP access

MCP provides powerful WordPress management capabilities, so access must be strictly controlled.

By default, only administrators can access MCP endpoints. This prevents lower-privileged users (subscribers, contributors, etc.) from executing dangerous operations like creating admin users, deleting content, or modifying settings.

When a bearer token is configured, it overrides the default admin check, but access is DENIED unless a valid token is provided. This ensures MCP is secure even with default settings.

To restrict or customize access to MCP, you can use the “mwai_allow_mcp” filter. Here are a few examples.

<?php
// Example 1: Allow access based on user role
add_filter( 'mwai_allow_mcp', function( $allow, $request ) {
  // Allow if already authenticated as admin
  if ( $allow ) {
    return $allow;
  }
  
  // Allow editors and above
  if ( current_user_can( 'edit_posts' ) ) {
    return true;
  }
  
  return false;
}, 10, 2 );

<?php
// Example 2: Allow access based on specific user IDs
add_filter( 'mwai_allow_mcp', function( $allow, $request ) {
  // Allow if already authenticated as admin
  if ( $allow ) {
    return $allow;
  }
  
  // Whitelist specific user IDs
  $allowed_users = [ 2, 5, 42 ]; // User IDs
  $current_user = get_current_user_id();
  
  return in_array( $current_user, $allowed_users, true );
}, 10, 2 );

<?php
// Example 3: Allow based on role, but restrict certain tools by role
add_filter( 'mwai_allow_mcp', function( $allow, $request ) {
  // Allow if already authenticated as admin
  if ( $allow ) {
    return $allow;
  }
  
  // Allow contributors and above
  if ( current_user_can( 'edit_posts' ) ) {
    return true;
  }
  
  return false;
}, 10, 2 );

// Then restrict tools per role
add_filter( 'mwai_mcp_callback', function( $result, $tool, $args, $id, $mcp ) {
  $user = wp_get_current_user();
  
  // Only admins can execute dangerous tools
  if ( $tool === 'delete_post' && !in_array( 'administrator', $user->roles ) ) {
    throw new Exception( "Tool '{$tool}' requires administrator role" );
  }
  
  // Only editors and above can create posts
  if ( $tool === 'create_post' && !current_user_can( 'edit_posts' ) ) {
    throw new Exception( "Tool '{$tool}' requires editor role or higher" );
  }
  
  return $result;
}, 10, 5 );