Mandate App Security is a WordPress Plugin Directory app by Paul.
AppRanks verdict
Generated from live marketplace data — refreshed daily
Mandate App Security is a newly-listed WordPress app with a limited review volume. It is listed in the Security category on WordPress Plugin Directory, which AppRanks treats as the canonical taxonomy node for ranking and competitor comparison. no published reviews yet means feature claims are unverified by the wider merchant base. Without a published review base, the only fit-signal available is the developer's own documentation plus the marketplace's listing-quality audit (linked below). Paid-only pricing means evaluating fit on the marketplace listing or via the developer's documentation before installing. AppRanks tracks rating, review count, pricing tier, and category position daily — the figures on this page reflect the most recent scrape from the canonical WordPress Plugin Directory listing.
Pros
- +Published by Paul — established developer track record
Cons
- −No public reviews yet — fit and reliability are unverified
Looking to switch from Mandate App Security?
See Mandate App Security's alternatives ranked by audit score, rating, and review velocity.
How Mandate App Security works
Show full descriptionShow less
WordPress Application Passwords prove identity. They do not limit what an authenticated request can do. If the user behind a password is an admin, every tool that authenticates as that user has admin-level access — with no native way to narrow it.
Today, REST clients, automation platforms, AI agents, management tools, and MCP connectors all authenticate with Application Passwords. Any of them, if misconfigured or compromised, can do anything that user can do.
Mandate App Security adds the missing layer: a capability policy per Application Password. You define what each credential is allowed to do. Mandate App Security enforces it on every request. Normal wp-admin sessions and user roles are unaffected.
Instead of treating every Application Password as equally trusted, Mandate App Security lets administrators and password owners save a capability allowlist per password.
An administrator can choose:
a WordPress user
one of that user’s Application Passwords
the capabilities that password should be allowed to use
an optional expiration date for that password
whether the scope is locked so the password owner can view it but not edit it
Users can scope their own Application Passwords when WordPress allows Application Passwords for their account. Only administrators can edit another user’s scope or lock a scope against owner edits.
When a request is authenticated with that Application Password, Mandate App Security checks the saved allowlist and removes capabilities that are not allowed for that password.
Mandate App Security never grants new permissions. It only narrows an Application Password to capabilities the selected user already receives from assigned roles. If the selected Application Password is past its saved expiration date, Mandate App Security removes all capabilities for that request. Normal browser and wp-admin sessions for the same user are not changed.
Example scopes A reporting dashboard that only needs to read posts and media should never be able to edit settings or manage users. A content automation tool that publishes posts has no reason to access WooCommerce orders. An AI writing assistant does not need plugin management access.
With Mandate App Security, each of those tools gets a dedicated Application Password scoped to exactly what it needs. Nothing more.
Source Code Mandate App Security is available at https://wpmandate.com.
The public development repository, release packages, and build documentation are at https://github.com/FernleafSystems/Mandate-for-WordPress.
Category rankings
As of Jul 9, 2026- Access-control#0of 7Top 1%
- Application-passwords#0of 2Top 1%
- Capabilities#0of 6Top 1%
- Rest-api#0of 36Top 1%
- Security#0of 635Top 1%
See 90-day rank history for each category
Track daily rank changes, category shifts, and position volatility.
Keyword rankings
Mandate App Security ranks for 1 keywords across WordPress Plugin Directory. Here are the top 1:
- 1.ai agentRank #631
Competitors & alternatives
Mandate App Securitydoesn't have curated competitor matchups yet. Other tracked security apps on WordPress:
Where Mandate App Security stands in the Security category
Mandate App Security ranks #0 of 635 apps in the Security category, placing it in the top 1% of the listing.
Frequently asked questions
What is Mandate App Security?
Mandate App Security is an app for WordPress. It is published on WordPress Plugin Directory and tracked daily by AppRanks, and AppRanks has been tracking its public marketplace data on a daily refresh cycle. It is listed under the Security category on AppRanks, where you can see its current category position, review-velocity trend, and how it compares against the top alternatives in the same space. Developed by Paul.
Who uses Mandate App Security?
Mandate App Security is actively installed across WordPress stores tracked by AppRanks. Its review base is still building, which usually maps to early-stage merchants and stores piloting a new workflow. It is part of the Security category on WordPress.