[BUG] headersHelper never executed for HTTP managedMcpServers (Claude Desktop, macOS) — static headers work, helper script silently ignored
Preflight Checklist
- [x] I have searched existing issues and this hasn't been reported yet
- [x] This is a single bug report (please file separate reports for different bugs)
- [x] I am using the latest version of Claude Code
What's Wrong?
For an HTTP-transport managedMcpServers entry in Claude Desktop (3P), headersHelper is accepted by the config UI and persisted correctly to disk, but the specified executable is never invoked — no error, warning, or log trace anywhere. Switching the identical entry to a static headers field with the same bearer token connects successfully immediately. This makes it impossible to use dynamic/rotating auth (e.g. OAuth client_credentials tokens with ~1hr expiry) with a remote MCP server; the only workaround is manually re-pasting a fresh token every ~55 minutes.
What Should Happen?
The script specified in headersHelper should execute before each request (or be cached per headersHelperTtlSec), its stdout parsed as a JSON header map, and that map attached to the outgoing MCP request — exactly as documented in the in-app tooltip: "Script that prints the auth header as a JSON object to stdout. Runs before each request (cached for the TTL below)."
Error Messages/Logs
Connection test failure:
Streamable HTTP error: Error POSTing to endpoint: {"jsonrpc":"2.0","id":0,"error":{"code":-32001,"message":"Missing Bearer token"}}
FAILED REQUEST
HTTP https://<gateway-id>.gateway.bedrock-agentcore.us-east-1.amazonaws.com/mcp → initialize
No corresponding entries in Console.app under the `Claude` process, and no entries under sandboxd/security-related predicates, at the moment of the Test/Retry click.
Steps to Reproduce
- Add a managedMcpServers entry via Developer → Configure third-party inference → Connectors & extensions → Add server → Blank:
- Transport: Streamable HTTP
- URL: any remote MCP endpoint requiring
Authorization: Bearer <token>on every request - Headers helper script: absolute path to an executable, e.g. /tmp/headers.sh
- Tool policy: allow the expected tool name
- Script content (minimal repro):
#!/bin/bash
echo "$(date) invoked" >> /tmp/headers_helper_debug.log
printf '{"Authorization": "Bearer <a token independently verified valid via curl>"}\n'
- chmod +x /tmp/headers.sh
- Click "Test this connection" (or "Retry") in the Connectors & extensions panel.
Expected: script executes, /tmp/headers_helper_debug.log gains a line, connection succeeds (token was independently confirmed valid via direct curl -H "Authorization: Bearer <token>" against the same endpoint — HTTP 200, correct MCP response for both initialize and tools/list).
Actual: connection fails with "Missing Bearer token" (see Error Messages above). /tmp/headers_helper_debug.log is never created — script is never invoked, confirmed across:
- repeated Test/Retry clicks
- full app restart (Cmd+Q + reopen)
- headersHelperTtlSec reduced to 1 (rules out caching)
- script moved to /tmp (rules out TCC folder permission issues on Documents/Downloads)
- path manually retyped into the field, not pasted (rules out invisible paste artifacts)
- Keychain Access.app confirms Claude.app already has "Allow" access to relevant items; explicitly setting "Allow all applications" made no difference
Exporting the active config (Export button, top of Configure third-party inference) confirms headersHelper is persisted exactly as entered:
{
"mcp": {
"managedServers": [
{
"name": "Claude Desktop AgentCore Gateway",
"transport": "http",
"url": "https://<redacted>.gateway.bedrock-agentcore.us-east-1.amazonaws.com/mcp",
"headersHelper": "/tmp/headers.sh",
"toolPolicy": { "web-search-tool___WebSearch": "allow" }
}
]
}
}
Switching the same entry's auth field from headersHelper to a static headers object with the identical token connects successfully within ~450ms, tools discovered correctly — confirming the MCP server, token, and config plumbing are all otherwise correct.
Possibly related to #41690 and #44774 (headersHelper silently ignored in Claude Code CLI/plugins) — but we found no evidence of the OAuth-discovery state-poisoning mechanism described in #44774 (no ~/.claude/mcp-needs-auth-cache.json, no matching Keychain discovery-state entries beyond our own manually-created items), so this may be a distinct bug in Claude Desktop's implementation, or a code path that never attempts to spawn the helper at all for HTTP-transport managed servers configured via the Connectors & extensions UI.
Claude Model
None
Is this a regression?
I don't know
Last Working Version
_No response_
Claude Code Version
2.1.187.441 (ASBX Claude Code, channel stable) - However running on Claude Desktop latest
Platform
AWS Bedrock
Operating System
macOS
Terminal/Shell
Other
Additional Information
This bug affects the Claude Desktop app specifically (Connectors & extensions settings UI), not the claude-code CLI directly — filing here since Desktop embeds the same MCP client and prior Desktop-specific bugs (e.g. #69629, #49055, #62333) have been accepted and labeled area:desktop in this repo.
Config context: inference routed through Amazon Bedrock Mantle. MCP server under test is an AWS Bedrock AgentCore Gateway (CUSTOM_JWT authorizer, Cognito M2M client_credentials tokens, ~3600s expiry) — but the bug is generic to any HTTP managedMcpServers entry requiring a dynamically-refreshed Authorization header.
Full repro script and config JSON available on request; redacted the specific Gateway hostname above.