Skip to content

docs: Document MCP Streamable HTTP auth parameters #1751

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
lukekim merged 1 commit into from
May 20, 2026
+38 −1
Merged

docs: Document MCP Streamable HTTP auth parameters #1751

Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
39 changes: 38 additions & 1 deletion website/docs/components/tools/mcp.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -38,6 +38,34 @@ tools:
from: mcp:http://example.com/v1/mcp
```

### Example: Connecting to an Auth-Enabled MCP Server (Streamable HTTP)

Streamable HTTP MCP tools support sending an `Authorization: Bearer` token via `mcp_auth_token`, or arbitrary HTTP headers via `mcp_headers`. Both parameters resolve [secret references](../secret-stores/) before the MCP client is constructed.

Sending a bearer token:

```yaml
tools:
- name: remote_spice
from: mcp:https://my-spice.example.com/v1/mcp
params:
# Sends: Authorization: Bearer <expanded secret value>
mcp_auth_token: ${ secrets:MCP_SERVER_API_KEY }
```

Sending a custom header (e.g., API key):

```yaml
tools:
- name: remote_spice
from: mcp:https://my-spice.example.com/v1/mcp
params:
# Sends: X-API-Key: <expanded secret value>
mcp_headers: 'X-API-Key: ${ secrets:MCP_SERVER_API_KEY }'
```

If both `mcp_auth_token` and a custom `Authorization` header in `mcp_headers` are set, `mcp_auth_token` wins and a warning is logged.

## Using MCP Tools with Models

Once configured, MCP tools can be assigned to models via the `tools` parameter. For example:
Expand Down Expand Up @@ -87,7 +115,9 @@ The `from` field specifies the transport mechanism for the MCP tool:

### `params`

The `params` field provides additional configuration for MCP tools. For stdio-based tools, use `mcp_args` to specify command-line arguments.
The `params` field provides additional configuration for MCP tools.

For stdio-based tools, use `mcp_args` to specify command-line arguments:

```yaml
tools:
Expand All @@ -97,6 +127,13 @@ tools:
mcp_args: -y @custom/tool
```

For Streamable HTTP tools, the following auth parameters are supported:

- `mcp_auth_token` — Sends `Authorization: Bearer <token>` on every request to the MCP server.
- `mcp_headers` — Sends additional HTTP headers using the same `Header: Value` comma- or semicolon-delimited format as the [HTTP data connector's `http_headers`](../data-connectors/https). Header values are marked sensitive.

Both parameters support [secret expansion](../secret-stores/). When `mcp_auth_token` is set, an `Authorization` header in `mcp_headers` is ignored and a warning is logged to avoid duplicate auth headers.

### `env`

For stdio-based MCP tools, environment variables can be set using the `env` field.
Expand Down
Loading