In remote_authorization mode, the MCP server currently requires authentication headers on all requests, including the initial tools/list request that clients use to discover available capabilities.
This creates practical problems in several scenarios:
- MCP Gateways and Admin Interfaces - When deploying an MCP server behind a gateway or management interface that needs to:
  - Filter the tool list based on user permissions
  - Modify tool metadata before presenting to clients
  - Apply custom routing or transformation rules
  - Present a curated subset of tools to different users

  The gateway cannot inspect the tools list without first establishing authentication, making it impossible to implement these features.
- Client User Experience - Clients cannot enumerate available tools before authenticating, preventing UI implementations from displaying tool capabilities upfront.
- Discovery and Debugging - Developers and administrators cannot inspect what actions are available without first providing credentials, complicating debugging and exploration.
Suggested behavior:
The tools/list request (MCP method: "tools/list") should be served without authentication, allowing:
- Gateways to inspect and transform tool lists before presenting to clients
- Clients to discover server capabilities before authenticating
- Administrators to verify server configuration without auth
All other requests should continue to require authentication as before.
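
A sketch of how the exemption requested above could be scoped so that it fails closed, added here as an example and not taken from the project's code. The names `requires_auth`, `handle` and `verify_token`, and the `Authorization: Bearer` header format, are assumptions made for illustration.

```python
import json

# Assumption: only this exact method is exempt, per the suggested behavior above.
ANONYMOUS_METHODS = frozenset({"tools/list"})


def _reject_duplicate_keys(pairs):
    # Duplicate "method" keys can make the gate and the dispatcher disagree
    # about which method was requested, so treat them as malformed.
    keys = [k for k, _ in pairs]
    if len(keys) != len(set(keys)):
        raise ValueError("duplicate key in JSON object")
    return dict(pairs)


def requires_auth(raw_body: bytes) -> bool:
    """True unless the body is one JSON-RPC request for an exempt method.

    Fails closed: unparseable, batched or oddly shaped bodies need auth.
    """
    try:
        msg = json.loads(raw_body, object_pairs_hook=_reject_duplicate_keys)
    except ValueError:  # also covers JSONDecodeError and UnicodeDecodeError
        return True
    # A batch (JSON array) could carry tools/call next to tools/list.
    if not isinstance(msg, dict):
        return True
    method = msg.get("method")
    # Exact, case-sensitive match; no prefix matching or normalisation.
    return not (isinstance(method, str) and method in ANONYMOUS_METHODS)


def handle(raw_body: bytes, headers: dict, verify_token) -> int:
    """Hypothetical HTTP-layer gate; returns the status code it would send.

    Assumes header names are already normalised by the web framework.
    """
    if requires_auth(raw_body):
        auth = headers.get("Authorization", "")
        if not auth.startswith("Bearer ") or not verify_token(auth[7:]):
            return 401
    return 200  # hand the request to the real MCP dispatcher here
```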