Allow disabling auth UI for SSE/HTTP MCP servers

Resolved 💬 3 comments Opened Feb 10, 2026 by DanielPBak Closed Feb 14, 2026

Problem

When configuring an SSE-type MCP server in .mcp.json, the /mcp command always shows "authenticate" and "re-authenticate" as options. For MCP servers deployed behind a VPC or on an internal network that don't require authentication, this is confusing — users may attempt to re-authenticate, which results in a 404 error because the server doesn't implement OAuth endpoints.

Proposed Solution

Add an optional configuration field to .mcp.json that lets users explicitly declare a server doesn't require authentication, suppressing the auth UI options. For example:

{
  "mcpServers": {
    "my-internal-server": {
      "type": "sse",
      "url": "https://internal-mcp.example.com/sse",
      "authRequired": false
    }
  }
}

When authRequired is false, the /mcp menu would not show "authenticate" or "re-authenticate" for that server.

Context

  • SSE/HTTP MCP servers behind a VPC or internal network often don't need auth
  • The MCP spec treats auth as optional, but the Claude Code client currently assumes all remote servers might support it
  • stdio-type servers don't show auth options — this would bring parity for internal remote servers
  • Attempting to re-authenticate against a server that doesn't implement OAuth endpoints results in a 404, which is a poor user experience

View original on GitHub ↗

This issue has 3 comments on GitHub. Read the full discussion on GitHub ↗