[BUG] headersHelper never executed for HTTP managedMcpServers (Claude Desktop, macOS) — static headers work, helper script silently ignored

Open 💬 0 comments Opened Jul 1, 2026 by BorntraegerMarc

Preflight Checklist

  • [x] I have searched existing issues and this hasn't been reported yet
  • [x] This is a single bug report (please file separate reports for different bugs)
  • [x] I am using the latest version of Claude Code

What's Wrong?

For an HTTP-transport managedMcpServers entry in Claude Desktop (3P), headersHelper is accepted by the config UI and persisted correctly to disk, but the specified executable is never invoked — no error, warning, or log trace anywhere. Switching the identical entry to a static headers field with the same bearer token connects successfully immediately. This makes it impossible to use dynamic/rotating auth (e.g. OAuth client_credentials tokens with ~1hr expiry) with a remote MCP server; the only workaround is manually re-pasting a fresh token every ~55 minutes.

What Should Happen?

The script specified in headersHelper should execute before each request (or be cached per headersHelperTtlSec), its stdout parsed as a JSON header map, and that map attached to the outgoing MCP request — exactly as documented in the in-app tooltip: "Script that prints the auth header as a JSON object to stdout. Runs before each request (cached for the TTL below)."

Error Messages/Logs

Connection test failure:
Streamable HTTP error: Error POSTing to endpoint: {"jsonrpc":"2.0","id":0,"error":{"code":-32001,"message":"Missing Bearer token"}}
FAILED REQUEST
HTTP https://<gateway-id>.gateway.bedrock-agentcore.us-east-1.amazonaws.com/mcp → initialize

No corresponding entries in Console.app under the `Claude` process, and no entries under sandboxd/security-related predicates, at the moment of the Test/Retry click.

Steps to Reproduce

  1. Add a managedMcpServers entry via Developer → Configure third-party inference → Connectors & extensions → Add server → Blank:
  • Transport: Streamable HTTP
  • URL: any remote MCP endpoint requiring Authorization: Bearer <token> on every request
  • Headers helper script: absolute path to an executable, e.g. /tmp/headers.sh
  • Tool policy: allow the expected tool name
  1. Script content (minimal repro):

#!/bin/bash
echo "$(date) invoked" >> /tmp/headers_helper_debug.log
printf '{"Authorization": "Bearer <a token independently verified valid via curl>"}\n'

  1. chmod +x /tmp/headers.sh
  1. Click "Test this connection" (or "Retry") in the Connectors & extensions panel.

Expected: script executes, /tmp/headers_helper_debug.log gains a line, connection succeeds (token was independently confirmed valid via direct curl -H "Authorization: Bearer <token>" against the same endpoint — HTTP 200, correct MCP response for both initialize and tools/list).

Actual: connection fails with "Missing Bearer token" (see Error Messages above). /tmp/headers_helper_debug.log is never created — script is never invoked, confirmed across:

  • repeated Test/Retry clicks
  • full app restart (Cmd+Q + reopen)
  • headersHelperTtlSec reduced to 1 (rules out caching)
  • script moved to /tmp (rules out TCC folder permission issues on Documents/Downloads)
  • path manually retyped into the field, not pasted (rules out invisible paste artifacts)
  • Keychain Access.app confirms Claude.app already has "Allow" access to relevant items; explicitly setting "Allow all applications" made no difference

Exporting the active config (Export button, top of Configure third-party inference) confirms headersHelper is persisted exactly as entered:
{
"mcp": {
"managedServers": [
{
"name": "Claude Desktop AgentCore Gateway",
"transport": "http",
"url": "https://<redacted>.gateway.bedrock-agentcore.us-east-1.amazonaws.com/mcp",
"headersHelper": "/tmp/headers.sh",
"toolPolicy": { "web-search-tool___WebSearch": "allow" }
}
]
}
}

Switching the same entry's auth field from headersHelper to a static headers object with the identical token connects successfully within ~450ms, tools discovered correctly — confirming the MCP server, token, and config plumbing are all otherwise correct.

Possibly related to #41690 and #44774 (headersHelper silently ignored in Claude Code CLI/plugins) — but we found no evidence of the OAuth-discovery state-poisoning mechanism described in #44774 (no ~/.claude/mcp-needs-auth-cache.json, no matching Keychain discovery-state entries beyond our own manually-created items), so this may be a distinct bug in Claude Desktop's implementation, or a code path that never attempts to spawn the helper at all for HTTP-transport managed servers configured via the Connectors & extensions UI.

Claude Model

None

Is this a regression?

I don't know

Last Working Version

_No response_

Claude Code Version

2.1.187.441 (ASBX Claude Code, channel stable) - However running on Claude Desktop latest

Platform

AWS Bedrock

Operating System

macOS

Terminal/Shell

Other

Additional Information

This bug affects the Claude Desktop app specifically (Connectors & extensions settings UI), not the claude-code CLI directly — filing here since Desktop embeds the same MCP client and prior Desktop-specific bugs (e.g. #69629, #49055, #62333) have been accepted and labeled area:desktop in this repo.

Config context: inference routed through Amazon Bedrock Mantle. MCP server under test is an AWS Bedrock AgentCore Gateway (CUSTOM_JWT authorizer, Cognito M2M client_credentials tokens, ~3600s expiry) — but the bug is generic to any HTTP managedMcpServers entry requiring a dynamically-refreshed Authorization header.

Full repro script and config JSON available on request; redacted the specific Gateway hostname above.

View original on GitHub ↗