Are tools and toolsets supported when running in http mode? #2191
-
Beta Was this translation helpful? Give feedback.
Replies: 2 comments 9 replies
-
|
This looks like a real boundary issue rather than just a docs misunderstanding. If the server advertises or accepts tools outside the configured allowlist in http mode, then tool scoping is not actually enforceable at the transport boundary, which defeats a big part of the safety story. |
Beta Was this translation helpful? Give feedback.
-
|
@dahera you need to use the header configuration (mentioned in the remote server documentation). In http mode the server respects configuration per user that connects, not a global configuration for the whole server like STDIO. Add headers like |
Beta Was this translation helpful? Give feedback.

@dahera you need to use the header configuration (mentioned in the remote server documentation). In http mode the server respects configuration per user that connects, not a global configuration for the whole server like STDIO.
Add headers like
x-mcp-toolsetsor add /x/issues to the route. The behaviour should be consistent with the remote server behaviour.