/wp-setup connects Cowork on your desktop to Cowork Bridge on your WordPress site. You run it once per machine, once per site. After it succeeds, you don’t run it again unless something changes.
Prerequisites
- Cowork Bridge is installed and active on your WordPress site. See Installing Cowork Bridge.
- Your WordPress domain is on the Cowork allowlist. See the allowlist guide.
- The
wordpress-for-cowork-v6.x.pluginfile is installed in Cowork (drag it into the Cowork chat window). - You have your CW- license key handy.
The flow
- In Cowork, type
/wp-setupand press Enter. - Paste your site URL when prompted (e.g.,
https://yourdomain.com— no trailing slash). - Paste your license key (format
CW-XXXXXX-XXXXXX-XXXXXX). - Generate a WordPress Application Password:
- In your WordPress admin, go to Users → Profile → Application Passwords.
- Name it
Coworkand click Add New Application Password. - WordPress shows you a 24-character password. Copy it.
- Paste the Application Password back into the Cowork prompt.
- Done — your site is connected. Run
/wp-statusto verify.
Why you do the Application Password step yourself
WordPress for Cowork won’t log into anything on your behalf without explicit permission. We don’t ask for your wp-admin username and main password, and Cowork doesn’t store them. The only credential the plugin ever sees is the Application Password you choose to hand over after generating it yourself, and that token can be revoked from your WordPress admin at any time to kill the connection cleanly.
Where your credentials live
All credentials are saved on your computer — Cowork’s local secret store. Nothing is saved on our servers. We never see your Application Password.
Multiple sites
Run /wp-setup once per site. Cowork keeps a separate pairing for each site URL.