MCP server endpoint (streamable HTTP, PAT-authed) #52
Labels
No labels
area:auth
area:ci
area:db
area:infra
area:native
area:pwa
area:service
epic
feature
foundation
No milestone
No project
No assignees
1 participant
Notifications
Due date
No due date set.
Dependencies
No dependencies set.
Reference
james/carol#52
Loading…
Add table
Add a link
Reference in a new issue
No description provided.
Delete branch "%!s()"
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?
Expose the tool registry as a streamable-HTTP MCP server at
/api/mcp, authenticated by Personal Access Token, tested end-to-end against at least one real external client (Claude Code).Scope
/api/mcp(or/api/mcp/[...path]depending on what the chosen MCP server library expects).Authorization: Bearer <PAT>. Requests without a valid token return 401. The authenticated user is taken from the PAT lookup and passed to the tool registry the same way the PWA agent does.claude_desktop_config.json→ verify) is documented in the external-agent-setup docs ticket.Acceptance criteria
/api/mcpis reachable, speaks streamable-HTTP MCP, and rejects unauth'd requests with 401.Part of epic #47. Depends on Personal Access Tokens, the agent-runtime ADR, the tool-granularity ADR, and the Domain tool surface.
Closing — the deliverable shipped under #331 (initial
/api/mcpendpoint) and #339 (refactor onto the shareddispatchRegistryTool), so this epic-linked ticket was never auto-closed.Acceptance criteria, status:
/api/mcpis reachable, speaks streamable-HTTP MCP (JSON-RPC:initialize/notifications/initialized/ping/tools/list/tools/call), and rejects unauth'd requests with 401 (PAT bearer). Covered inapps/api/tests/api/mcp.test.ts.commit_proposalagainst another user's proposal returns a 404-classisError. Tested.tools/list→tools/callround trip, including the write-confirmation flow (create_notereturns aProposedChangeand mutates nothing; thecommit_proposalmeta-tool applies it and writes an audit event). Tested.docs/agent-setup-guide.md(#360). Left as a maintainer sign-off.Note:
/api/mcpanswers with a singleapplication/jsonresponse (stateless, noMcp-Session-Id, no GET/SSE channel) — a valid minimal streamable-HTTP server for request/response tool calls. The manual smoke test is what confirms a real client is happy with that shape; if a gap surfaces there, it'll be its own follow-up.