[BUG] [Feature]
Preflight Checklist
- [x] I have searched existing issues and this hasn't been reported yet
- [x] This is a single bug report (please file separate reports for different bugs)
- [x] I am using the latest version of Claude Code
What's Wrong?
Title: Add support for environment variables in .mcp.json configuration files
Description
The Claude Code VSCode extension currently cannot resolve environment variables (e.g., ${GITHUB_PERSONAL_ACCESS_TOKEN}) in .mcp.json configuration files. This creates challenges for teams who want to share MCP configurations while keeping sensitive tokens secure.
Current Behavior
When using the VSCode extension with an .mcp.json file containing:
{
"mcpServers": {
"github": {
"type": "http",
"url": "https://api.githubcopilot.com/mcp",
"headers": {
"Authorization": "Bearer ${GITHUB_PERSONAL_ACCESS_TOKEN}"
}
}
}
}
The extension cannot resolve ${GITHUB_PERSONAL_ACCESS_TOKEN} from:
- Shell environment variables
- .env files in the workspace
- VSCode workspace settings
Expected Behavior
The extension should be able to resolve environment variables, ideally by:
- Reading from .env files in the workspace root (preferred)
- Accessing shell environment variables
- Supporting VSCode's terminal.integrated.env.* settings
Use Case
Teams need to:
- Share .mcp.json configurations in version control
- Keep personal access tokens and API keys secure in .env files (added to .gitignore)
- Avoid hardcoding sensitive credentials in configuration files
Workaround
Currently, developers must either:
- Hardcode tokens directly in .mcp.json (security risk)
- Create duplicate .mcp.local.json files with actual tokens (maintenance burden)
- Use the CLI version instead of the VSCode extension (loses IDE integration benefits)
What Should Happen?
Proposed Solution
Add support for environment variable resolution in .mcp.json, following common patterns like:
- dotenv file loading from workspace root
- Variable substitution syntax: ${VAR_NAME} or $VAR_NAME
- Optional fallback values: ${VAR_NAME:-default}
Error Messages/Logs
Steps to Reproduce
Steps to Reproduce
- Create a
.envfile in workspace root with:
GITHUB_PERSONAL_ACCESS_TOKEN=ghp_xxxxxxxxxxxx
- Create
.mcp.jsonwith environment variable reference:
{
"mcpServers": {
"github": {
"type": "http",
"url": "https://api.githubcopilot.com/mcp",
"headers": {
"Authorization": "Bearer ${GITHUB_PERSONAL_ACCESS_TOKEN}"
}
}
}
}
Open the workspace in VSCode with Claude Code extension
Attempt to use GitHub MCP functionality
Observe that the token is not resolved - the literal string ${GITHUB_PERSONAL_ACCESS_TOKEN} is sent instead of the actual token value
Expected Result
The extension should read the token from .env and substitute it in the Authorization header
Actual Result
The environment variable is not resolved, causing authentication to fail with the GitHub MCP server.
Claude Model
Sonnet (default)
Is this a regression?
Yes, this worked in a previous version
Last Working Version
_No response_
Claude Code Version
2.0.1
Platform
Anthropic API
Operating System
macOS
Terminal/Shell
Terminal.app (macOS)
Additional Information
Environment
Claude Code VSCode Extension version: [your version]
VSCode version: [your version]
OS: macOS/Windows/Linux
Additional Context
This feature would align with standard development practices where configuration files reference environment variables for sensitive data, similar to how Docker Compose, GitHub Actions, and many other tools handle secrets.
This issue has 5 comments on GitHub. Read the full discussion on GitHub ↗