Feature request: disable wordpress application passwords for certain roles?

  • Resolved wzshop

    (@wzshop)


    4 months ago

    Hi,

    It would be great if I can set the user roles that are allowed to use the applicfation password feature of wordpress, within Wordfence. I have found an older topic about this: https://www.ads-software.com/support/topic/enable-wordpress-application-passwords-only-for-one-user/

    It was replied that it might be a future feature. I hope i will get implemented some day.
    I tried this code, but it is not working for me

    function my_prefix_customize_app_password_availability(
        $available,
        $user
    ) {
        if ( ! user_can( $user, 'manage_options' ) ) {
            $available = false;
        }
     
        return $available;
    }
     
    add_filter(
        'wp_is_application_passwords_available_for_user',
        'my_prefix_customize_app_password_availability',
        10,
        2
    );
Viewing 2 replies - 1 through 2 (of 2 total)
  • Plugin Support wfpeter

    (@wfpeter)

    Thanks @wzshop for your request.

    Each request towards a feature is noted, discussed, and can help prioritize our future development. I’ve noted your additional request for allowing certain roles to use the Application Passwords feature of WordPress. Unfortunately we’re unable to assist with custom code changes or comment on potential delivery dates here on the forums.

    If you need to expand on any use-case specifics, requests can also be sent to feedback @ wordfence . com

    Many thanks,
    Peter.

    Thread Starter wzshop

    (@wzshop)

    For anyone also using the Woocommerce app on the mobile. The above function will not work, once authenticated. This means it is not possible to obtain the stats with the function above. You can use this function to check the user by ID. This works, if you only want to allow the admin to use Application Passwords and your user ID is 1:

    function my_prefix_customize_app_password_availability(
    $available,
    $user
) {
    if ( $user !== 1 ) {
        $available = false;
    }
 
    return $available;
}
 
add_filter(
    'wp_is_application_passwords_available_for_user',
    'my_prefix_customize_app_password_availability',
    10,
    2
);
Viewing 2 replies - 1 through 2 (of 2 total)
  • You must be logged in to reply to this topic.