You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I’m working on a setup where I want to build secure MCP servers that can act on behalf of a user. Specifically, I’m experimenting with langchain-mcp-adapters and would like to ensure that a user’s access token (e.g., from a browser or frontend client) is passed all the way down to the specific MCP server implementation.
I see that MultiServerMCPClient supports a headers field, but this seems to only allow for static headers. Is there a supported way to dynamically pass per-request headers — such as authentication tokens — through to the final MCP server?
Has anyone implemented this pattern, or is there a recommended approach for securely propagating user identity across the full request chain?
reacted with thumbs up emoji reacted with thumbs down emoji reacted with laugh emoji reacted with hooray emoji reacted with confused emoji reacted with heart emoji reacted with rocket emoji reacted with eyes emoji
Uh oh!
There was an error while loading. Please reload this page.
-
I’m working on a setup where I want to build secure MCP servers that can act on behalf of a user. Specifically, I’m experimenting with langchain-mcp-adapters and would like to ensure that a user’s access token (e.g., from a browser or frontend client) is passed all the way down to the specific MCP server implementation.
I see that MultiServerMCPClient supports a headers field, but this seems to only allow for static headers. Is there a supported way to dynamically pass per-request headers — such as authentication tokens — through to the final MCP server?
Has anyone implemented this pattern, or is there a recommended approach for securely propagating user identity across the full request chain?
Thanks in advance!
Beta Was this translation helpful? Give feedback.
All reactions