Skip to content

MCP Client Ignores Authorization Header in mcp.json, Causing 401 Error #354

New issue
New issue
Closed
Closed
MCP Client Ignores Authorization Header in mcp.json, Causing 401 Error#354
Assignees
flytiny
Labels
bugSomething isn't working
@accendium

Description

@accendium
accendium
opened on Jun 19, 2025

Describe the bug

When attempting to configure the official GitHub Copilot MCP endpoint (https://api.githubcopilot.com/mcp/) within the mcp.json file for the JetBrains plugin, the connection fails with an HTTP 401 error. The error log explicitly states bad request: missing required Authorization header. This occurs even when a valid Personal Access Token (PAT) is provided in the correct headers object as specified in the documentation. The client does not appear to be sending the Authorization header from the mcp.json configuration to the endpoint. This prevents users from potentially extending or interacting with the native GitHub MCP endpoint directly.

Affected version

GitHub Copilot for Jetbrains: Version 1.5.47-243 (latest, Jun 17, 2025)

Steps to reproduce the behavior

  1. In a JetBrains IDE with the GitHub Copilot plugin installed, create or modify the mcp.json file in the configuration directory.
  2. Configure the file to point to the GitHub MCP endpoint and include a valid PAT for authentication, like so: 
    {
    "servers": {
        "github": {
            "url": "https://api.githubcopilot.com/mcp/",
            "headers": {
                "Authorization": "Bearer <PAT_TOKEN>"
            }
        }
    }
}

or

    {
        "servers": {
            "github": {
                "url": "https://api.githubcopilot.com/mcp/",
                "authorization_token": "Bearer <PAT_TOKEN>"
            }
        }
    }
  1. Restart the IDE and observe the GitHub Copilot logs.
  2. See the connection error in the logs.

Expected vs actual behavior

Expected: The GitHub Copilot client in the JetBrains IDE should read the mcp.json configuration, attach the specified Authorization header to its POST request, and successfully connect to the https://api.githubcopilot.com/mcp/ endpoint.

Actual: The connection fails. The logs show an HTTP 401 error with the message bad request: missing required Authorization header, indicating that the header configured in mcp.json was not included in the request sent by the client.

Logs

[2025-06-19 10:10:02.001][info]    [github]Starting server github
[2025-06-19 10:10:02.236][error]   [github]Connection state: Error: Error POSTing to endpoint (HTTP 401): bad request: missing required Authorization header

[2025-06-19 10:10:02.236][info]    [github]Connection state: Stopped
[2025-06-19 10:10:02.236][error]   [github]Failed to connect to MCP server: Error POSTing to endpoint (HTTP 401): bad request: missing required Authorization header

[2025-06-19 10:10:02.237][error]   [github]message: Error POSTing to endpoint (HTTP 401): bad request: missing required Authorization header
 stack: Error: Error POSTing to endpoint (HTTP 401): bad request: missing required Authorization header

    at JY.send (C:\snapshot\copilot-client\node_modules\@modelcontextprotocol\sdk\src\client\streamableHttp.ts:414:15)
    at processTicksAndRejections (node:internal/process/task_queues:95:5)

Metadata

Metadata

Assignees

Labels

bugSomething isn't working

Type

No type

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions
    pFad - Phonifier reborn

    Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

    Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.


    Alternative Proxies:

    Alternative Proxy

    pFad Proxy

    pFad v3 Proxy

    pFad v4 Proxy