Secure MCP
The Secure MCP integration is a single-audited, policy-governed endpoint through which AI agents access WordPress VIP applications. It governs which applications an agent can operate on and which capabilities it can use, and it logs activity.
The Model Context Protocol (MCP) is an open standard that lets AI agents call external tools. Secure MCP is the WordPress VIP implementation of that standard.
Secure MCP exposes 2 toolsets:
- VIP MCP — tools for managing the VIP Platform: applications, environments, deployments, domains, logs, security configurations, backups, and more.
- WordPress MCP — tools to manage a WordPress site on the VIP Platform: content, configuration, and other site-level operations.
An Org admin activates Secure MCP once for the organization via the VIP Dashboard’s Integrations Center. After activation, Org and App admins manage access to VIP MCP and WordPress MCP independently for each application.
Secure MCP toolsets
| Toolset | Purpose |
|---|---|
| VIP MCP | Operate on the VIP Platform: apps, environments, deployments, domains, env vars, logs, metrics, security settings, backups, WP-CLI, and data sync. |
| WordPress MCP | Operate on a WordPress site through the WordPress MCP server that runs inside the site. |
Both toolsets are subject to the authenticated user’s VIP Dashboard permissions. Tools the user cannot use are not registered for the session.
How access works
Secure MCP access is controlled at 2 levels.
Org admins control the Global MCP setting through the Integrations Center, which determines whether MCP is allowed anywhere in the organization.
Once Global MCP is active, access to each toolset is managed per application. For each application, an Org or App admin can independently enable or disable the VIP MCP and WordPress MCP toolsets. An application with both toolsets disabled is not reachable by an agent, even while Global MCP is active.
Call log
Every MCP tool call is recorded. The MCP Call Log lists Secure MCP tool calls across all applications in an organization, and a per-environment view lists the calls for a single environment. Entries generated through an agent are attributed to the authorizing user and marked with an MCP source indicator, which distinguishes agent-initiated actions from actions taken directly in the VIP Dashboard.
Roles and permissions
Activating Secure MCP requires an Org admin role, and changing toolset access for an application requires an Org or App admin role. Viewing the MCP Call Log requires the audit events permission. A user who lacks that permission sees an unauthorized message in place of the log. Manage roles and permissions via the People panel in the VIP Dashboard.
Last updated: July 02, 2026