AI Quick Start
Connecting an AI client to your site takes about five minutes. The flow: switch the API on, create an application password, point your client at the MCP endpoint, and ask your first question.
1. Confirm prerequisites#
You need an Accelerate-connected WordPress site running WordPress 6.9 or later, an administrator or integration user, and an AI client that can call MCP or REST tools.
2. Enable the Abilities API#
The API is off by default. In WordPress admin, go to Accelerate → Settings and switch on AI Abilities API. You can turn it off again at any time — disabling it immediately blocks all ability calls.
3. Create an application password#
In WordPress admin, go to Users → Profile → Application Passwords. Give it a descriptive name for the AI client, copy the generated password once, and store it in the client's secret store. Application passwords are separate from your login password and can be revoked independently — which makes them the safe choice for AI access.
4. Connect your AI client#
The Abilities API is exposed over MCP at https://your-site.com/wp-json/wp-abilities/v1/mcp, authenticated with the application password as HTTP Basic auth. Everywhere below, BASE64_ENCODED_CREDENTIALS is the base64 value from step 5 (username:application_password). Pick your client:
Run the CLI command (or commit the equivalent .mcp.json at your project root):
claude mcp add --transport http accelerate \
https://your-site.com/wp-json/wp-abilities/v1/mcp \
--header "Authorization: Basic BASE64_ENCODED_CREDENTIALS"Replace your-site.com with the WordPress site URL. Keep the credential out of committed files where the client supports it — most accept an environment variable or input prompt in place of the inline value.
5. Or use the REST API directly#
For direct REST access, use the same application password with Basic Authentication:
# Generate base64 credentials
echo -n "username:application_password" | base64
# List the available abilities
curl -X GET "https://your-site.com/wp-json/wp-abilities/v1/abilities" \
-H "Authorization: Basic BASE64_CREDENTIALS"See REST API for the full route reference.
6. Make a first read-only call#
Start with a read-only ability before granting anything more:
{
"name": "accelerate/get-performance-summary",
"arguments": {
"date_range_preset": "7d"
}
}Then check whether the AI can answer a specific question from real site data:
How did the site perform over the last 7 days, and what should I look at first?
If you get a real answer, you're connected.
7. Add write access intentionally#
Read-only access already covers most of the value — performance reviews, diagnosis, recommendations. Grant write access when you want the AI to create tests or audiences for you, generate on-brand variants, or run multi-round optimization loops — and keep destructive abilities behind explicit human confirmation.
Write access is gated by the same WordPress capability tiers, and the toolkit confirms every change before it ships — unless you explicitly ask it to run a block on autopilot, in which case that request is your standing approval for the loop's changes.
Read Permissions before enabling execution abilities.