Skip to content

mcp: support auth by HTTP Basic Auth #2888

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
lambochen opened this issue Apr 25, 2025 · 7 comments
Open

mcp: support auth by HTTP Basic Auth #2888

lambochen opened this issue Apr 25, 2025 · 7 comments

Comments

@lambochen
Copy link

lambochen commented Apr 25, 2025
edited
Loading

Support a way to auth client-server connection.

I think it's necessary, such as, When using Claude Desktop to connect to a remote MCP Server, only one URL can be filled in. If identity authentication and authorization are implemented, passing information from the request parameters is a good choice.

Claude mcp config example:

{
  "mcpServers": {
    "mcp-remote-server-example": {
      "url": "http://127.0.0.1:8080/sse" 
    }
  }
}

[discard] support request params such as:

{
  "mcpServers": {
    "mcp-remote-server-example": {
      "url": "http://127.0.0.1:8080/sse?key=value" 
    }
  }
}

support 'HTTP Basic Auth' such as:

{
  "mcpServers": {
    "mcp-remote-server-example": {
      "url": "http://user:[email protected]:8080/sse" 
    }
  }
}
@lambochen
Copy link
Author

PR: #2886

@lambochen
Copy link
Author

CC: @tzolov thx

@lambochen
Copy link
Author

related mcp issue: modelcontextprotocol/java-sdk#204
PR: modelcontextprotocol/java-sdk#205

This was referenced Apr 25, 2025
Draft
Draft
Open
@quaff
Copy link
Contributor

quaff commented Apr 27, 2025

Why not http://user:[email protected]:8080/sse?

@lambochen
Copy link
Author

Thank you for your comment. HTTP Basic Auth is indeed a more suitable solution for authentication scenarios

Why not http://user:[email protected]:8080/sse?

@quaff
Copy link
Contributor

quaff commented Apr 28, 2025

It is indeed not possible to pass the username and password via query parameters in standard HTTP auth. Instead, you use a special URL format, like this: http://username:[email protected]/ -- this sends the credentials in the standard HTTP "Authorization" header.

See https://serverfault.com/a/371918

@lambochen
Copy link
Author

It is indeed not possible to pass the username and password via query parameters in standard HTTP auth. Instead, you use a special URL format, like this: http://username:[email protected]/ -- this sends the credentials in the standard HTTP "Authorization" header.

See https://serverfault.com/a/371918

Thank you for your related sharing, I will adjust the plan to achieve authentication more securely

@lambochen lambochen changed the title mcp: support auth by request params mcp: support auth by HTTP Basic Auth Apr 28, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@quaff @lambochen