When using Streamable HTTP transport, the oauth flow is not triggered when the server returns 401 #358

ashubham · 2025-04-29T21:10:37Z

Describe the bug
When using Streamable HTTP transport, the oauth flow is not triggered when the server returns 401. The sse transport supports this and the browser correctly initiates the oauth flow as per the spec.

To Reproduce
Steps to reproduce the behavior:

Point against an MCP server with Streamable HTTP + Oauth flow. Like this one (https://thoughtspot-mcp-server.thoughtspot-485.workers.dev/mcp)

Expected behavior
When the server returns 401 the inspector should trigger the oauth flow.

Logs
When using streamable HTTP:

Created streamable web app transport 9b453c43-3a2c-4e67-a18f-29824475847e
Error from MCP server: Error: Error POSTing to endpoint (HTTP 401)
-- the inspector hangs here --

When using sse:

SSE transport: url=<server sse endpoint>, headers=Accept
Received 401 Unauthorized from MCP server: SSE error: Non-200 status code (401)
-- the oauth flow is triggered ---

Additional context
There is discussion on this in #339, and is identified as a follow up task.

The text was updated successfully, but these errors were encountered:

ashubham added the bug Something isn't working label Apr 29, 2025

olaservo added the authorization Issues related to authentication label Apr 30, 2025

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

When using Streamable HTTP transport, the oauth flow is not triggered when the server returns 401 #358

When using Streamable HTTP transport, the oauth flow is not triggered when the server returns 401 #358

ashubham commented Apr 29, 2025 •

edited

Loading

When using Streamable HTTP transport, the oauth flow is not triggered when the server returns 401 #358

When using Streamable HTTP transport, the oauth flow is not triggered when the server returns 401 #358

Comments

ashubham commented Apr 29, 2025 • edited Loading

ashubham commented Apr 29, 2025 •

edited

Loading