[Fix] Pass MCP auth headers from request into tool fetch for /v1/responses and chat completions#22291
Merged
ishaan-jaff merged 2 commits intomainfrom Feb 28, 2026
Merged
Conversation
|
The latest updates on your projects. Learn more about Vercel for GitHub.
|
Contributor
Greptile SummaryThis PR fixes a bug where MCP auth headers sent via request headers (e.g.
Confidence Score: 5/5
|
| Filename | Overview |
|---|---|
| litellm/responses/main.py | Extracts MCP auth headers from secret_fields and passes them to _process_mcp_tools_without_openai_transform for both the initial tool fetch and the auto-execute output-element fetch. Correctly guarded with isinstance check. |
| litellm/responses/mcp/chat_completions_handler.py | Moves extract_mcp_headers_from_request call before _process_mcp_tools_without_openai_transform so auth headers are available when fetching tools. The method handles None secret_fields safely. |
| litellm/responses/mcp/litellm_proxy_mcp_handler.py | Adds mcp_auth_header and mcp_server_auth_headers parameters to _get_mcp_tools_from_manager and _process_mcp_tools_without_openai_transform, wiring them through to _get_tools_from_mcp_servers. |
| tests/mcp_tests/test_aresponses_api_with_mcp.py | Adds a mock test verifying that MCP server auth headers from secret_fields are passed through to _process_mcp_tools_without_openai_transform in the responses API path. |
| tests/test_litellm/responses/mcp/test_chat_completions_handler.py | Adds a mock test verifying that MCP server auth headers from secret_fields are passed through to _process_mcp_tools_without_openai_transform in the chat completions handler path. |
Sequence Diagram
sequenceDiagram
participant Client
participant ResponsesAPI as main.py / chat_completions_handler.py
participant Utils as ResponsesAPIRequestUtils
participant MCPHandler as LiteLLM_Proxy_MCP_Handler
participant MCPServer as _get_tools_from_mcp_servers
Client->>ResponsesAPI: Request with x-mcp-*-authorization headers
ResponsesAPI->>Utils: extract_mcp_headers_from_request(secret_fields, tools)
Utils-->>ResponsesAPI: mcp_auth_header, mcp_server_auth_headers
ResponsesAPI->>MCPHandler: _process_mcp_tools_without_openai_transform(mcp_auth_header, mcp_server_auth_headers)
MCPHandler->>MCPHandler: _get_mcp_tools_from_manager(mcp_auth_header, mcp_server_auth_headers)
MCPHandler->>MCPServer: _get_tools_from_mcp_servers(mcp_auth_header, mcp_server_auth_headers)
MCPServer-->>MCPHandler: MCP tools (now with auth)
MCPHandler-->>ResponsesAPI: deduplicated tools, tool_server_map
ResponsesAPI-->>Client: Response with discovered tools
Last reviewed commit: f3ee517
![greptile-apps[bot]](https://avatars.githubusercontent.com/in/867647?s=60&v=4){kind=small}
Collaborator
Author
|
@greptile re-review with the new commit that resolves Indentation bug breaks multi-server tool discovery concern |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Relevant issues
When calling /v1/responses or /chat/completions with MCP tools and auth sent via headers (e.g. x-mcp-linear_config-authorization: Bearer ), the model received an empty tools list. MCP servers that rely on dynamic auth from headers (e.g. Linear) returned no tools because auth was not forwarded to the tool fetch.
mcp_server_auth_headers were read from secret_fields via extract_mcp_headers_from_request, but were never passed into _process_mcp_tools_without_openai_transform. The tool fetch always used mcp_server_auth_headers=None, so MCP servers without auth_value in config (e.g. linear_config) got no auth and returned 0 tools.
Pre-Submission checklist
Before:
After:
Please complete all items before asking a LiteLLM maintainer to review your PR
tests/litellm/directory, Adding at least 1 test is a hard requirement - see detailsmake test-unit@greptileaiand received a Confidence Score of at least 4/5 before requesting a maintainer reviewCI (LiteLLM team)
Branch creation CI run
Link:
CI run for the last commit
Link:
Merge / cherry-pick CI run
Links:
Type
🐛 Bug Fix
✅ Test
Changes
Extract MCP auth headers from secret_fields before fetching tools and pass mcp_auth_header and mcp_server_auth_headers into _process_mcp_tools_without_openai_transform in both litellm/responses/main.py (responses API) and litellm/responses/mcp/chat_completions_handler.py (chat completions). This applies to the initial tool fetch and to the auto-execute output-element fetch. The handler already supported these parameters; the missing step was wiring them through from the request.