Support externally sourced JWT in Auth header from MCP client

[johnkwaters]

I have been using the MCP OAuth support and even DCR, which is awesome.
But there are other scenarios where we are building in using MCP Servers into some host that doesn't understand this protocol, or that doesn't have an OAuth 2.1 server available, but where we might have obtained a valid access token (Jwt Bearer token) through some other means.
In this case I would like to add this to the MCP client so that it can be passed in the Authorization: Bearer {jwt} header on each call.
Is there a good way to do this - and if not can there be a way that feel intuitive to provide that kid of 'out of band' auth support for the MCP calls?

[hobbsax1]

We're trying the do something similar (using Agent framework) and would be nice to have something where we can intercept before the actual MCP call is made so we can inject a JWT token (essentially allowing the McpClient to beat generic object that can be reused for different users)

If it could take IHttpContextAccesor and allow the the headers/request to me modified that would solve our problems.

[lex2193]

I tried on my side to leverage the HttpClientFactory by creating a custom DelegatingHandler to solve this issue:

// Register a named HttpClient with custom handler
 _services.AddHttpClient("mcp")
     .ConfigureAdditionalHttpMessageHandlers((handlers, serviceProvider) => handlers.Add(new BearerDelegatingHandler(<tokenAccessor>)));

// Create the following custom handler
internal sealed class BearerDelegatingHandler(IServiceProvider serviceProvider, Func<IServiceProvider, Task<string>> tokenAccessor) : DelegatingHandler
{
    protected override async Task<HttpResponseMessage> SendAsync(HttpRequestMessage request, CancellationToken cancellationToken)
    {
        request.Headers.Authorization = new AuthenticationHeaderValue("Bearer", await tokenAccessor.Invoke(serviceProvider));
        return await base.SendAsync(request, cancellationToken);
    }
}

// Then create your client (with injected IHttpClientFactory)
McpClient.CreateAsync(new HttpClientTransport(new HttpClientTransportOptions
{
    Endpoint = new Uri("http://<url>")
}, httpClientFactory.CreateClient("mcp"));

I know that's not the best way to handle this but it's the only solution I got at the moment