accessibility – Rest API Application Passwords- Disabling for non admins


Iam trying to disable non admins from being able to generate an api key through the user-edit.php page (

To do so im including the following code in functions.php file:

function your_prefix_customize_app_password_availability( $available, $user ) {
   if ( ! in_array( 'administrator', (array) $user->roles ) ) {
       $available = false;
   return $available;
add_filter( 'wp_is_application_passwords_available_for_user', 'your_prefix_customize_app_password_availability', 10, 2 );

However, this only removes the key generator for the default application passwords and not for the plugin (see below explanation).

As can be seen from the images, I have 2 areas to create New Application passwords (One comes by default with WP and one is from the installed plugin).
The above code removes one but not the other. The one that remains is from the Application passwords plugin.

Iam trying to remove both for non admins.

Any advise?

Application Passwords(Plugin)

enter image description here

Application Passwords(Default)

enter image description here

The Oracle 10 months 2022-04-11T07:38:35-05:00 0 Answers 0 views 0

Leave an answer