Question

Iam trying to disable non admins from being able to generate an api key through the user-edit.php page (https://mywebsite.com/wp-admin/user-edit.php?user_id=1).

To do so im including the following code in functions.php file:

function your_prefix_customize_app_password_availability( $available,$user ) {
if ( ! in_array( 'administrator', (array) $user->roles ) ) {$available = false;
}
return \$available;
}


However, this only removes the key generator for the default application passwords and not for the plugin (see below explanation).

As can be seen from the images, I have 2 areas to create New Application passwords (One comes by default with WP and one is from the installed plugin).
The above code removes one but not the other. The one that remains is from the Application passwords plugin.

Iam trying to remove both for non admins.