Investigate and fix HTTP-type MCP server configuration for direct connections
Summary
While implementing default OAuth scope to mcp for dynamic client registration in !208967 (merged), testing revealed that the simplified HTTP-type MCP server configuration doesn't work as expected and requires additional changes.
Current Issue
The following configuration was attempted but didn't succeed:
{
"mcpServers": {
"GitLab-GDK-http": {
"type": "http",
"url": "https://gdk.test:3443/api/v4/mcp",
"disabled": false
}
}
}This configuration should allow direct HTTP connections to the GitLab MCP server without relying on the mcp-remote tool, but currently fails.
Background
From the discussion in !208967 (merged):
- The
mcp-remotelibrary is experimental and doesn't receive consistent updates - We want to move away from requiring
mcp-remoteas a client connection library - The current MCP API only allows
mcp-remoteconnections to usehttpas the transport protocol - Direct HTTP-type connections should be supported but currently don't work
Expected Behavior
Users should be able to configure MCP servers with direct HTTP connections using the simplified configuration above, without needing the mcp-remote wrapper.
Investigation Areas
- Transport Protocol Support: Verify that the MCP API properly handles direct HTTP requests from MCP clients
- Authentication Flow: Ensure OAuth flow works correctly for direct HTTP connections
-
Rate Limiting: Check if rate limiting issues affect direct connections differently than
mcp-remoteconnections - CORS/Headers: Verify proper CORS headers and request handling for direct HTTP connections
Acceptance Criteria
-
Direct HTTP-type MCP server configuration works without mcp-remote -
OAuth authentication flow completes successfully for direct connections -
Rate limiting doesn't prevent legitimate direct HTTP connections -
Documentation is updated with working direct HTTP configuration examples -
Tests are added to verify direct HTTP connection functionality
Related
- Parent MR: !208967 (merged) - Default OAuth scope to
mcpfor dynamic client registration - Related issue: #570482 (closed)