[BUG] [Feature]

Resolved 💬 5 comments Opened Oct 1, 2025 by kltdwrds Closed Jan 13, 2026

Preflight Checklist

  • [x] I have searched existing issues and this hasn't been reported yet
  • [x] This is a single bug report (please file separate reports for different bugs)
  • [x] I am using the latest version of Claude Code

What's Wrong?

Title: Add support for environment variables in .mcp.json configuration files

Description

The Claude Code VSCode extension currently cannot resolve environment variables (e.g., ${GITHUB_PERSONAL_ACCESS_TOKEN}) in .mcp.json configuration files. This creates challenges for teams who want to share MCP configurations while keeping sensitive tokens secure.

Current Behavior

When using the VSCode extension with an .mcp.json file containing:

{
  "mcpServers": {
    "github": {
      "type": "http",
      "url": "https://api.githubcopilot.com/mcp",
      "headers": {
        "Authorization": "Bearer ${GITHUB_PERSONAL_ACCESS_TOKEN}"
      }
    }
  }
}

The extension cannot resolve ${GITHUB_PERSONAL_ACCESS_TOKEN} from:

  • Shell environment variables
  • .env files in the workspace
  • VSCode workspace settings

Expected Behavior

The extension should be able to resolve environment variables, ideally by:

  • Reading from .env files in the workspace root (preferred)
  • Accessing shell environment variables
  • Supporting VSCode's terminal.integrated.env.* settings

Use Case

Teams need to:

  • Share .mcp.json configurations in version control
  • Keep personal access tokens and API keys secure in .env files (added to .gitignore)
  • Avoid hardcoding sensitive credentials in configuration files

Workaround

Currently, developers must either:

  • Hardcode tokens directly in .mcp.json (security risk)
  • Create duplicate .mcp.local.json files with actual tokens (maintenance burden)
  • Use the CLI version instead of the VSCode extension (loses IDE integration benefits)

What Should Happen?

Proposed Solution

Add support for environment variable resolution in .mcp.json, following common patterns like:

  • dotenv file loading from workspace root
  • Variable substitution syntax: ${VAR_NAME} or $VAR_NAME
  • Optional fallback values: ${VAR_NAME:-default}

Error Messages/Logs

Steps to Reproduce

Steps to Reproduce

  1. Create a .env file in workspace root with:

GITHUB_PERSONAL_ACCESS_TOKEN=ghp_xxxxxxxxxxxx

  1. Create .mcp.json with environment variable reference:
{
  "mcpServers": {
    "github": {
      "type": "http",
      "url": "https://api.githubcopilot.com/mcp",
      "headers": {
        "Authorization": "Bearer ${GITHUB_PERSONAL_ACCESS_TOKEN}"
      }
    }
  }
}

Open the workspace in VSCode with Claude Code extension
Attempt to use GitHub MCP functionality
Observe that the token is not resolved - the literal string ${GITHUB_PERSONAL_ACCESS_TOKEN} is sent instead of the actual token value

Expected Result

The extension should read the token from .env and substitute it in the Authorization header

Actual Result

The environment variable is not resolved, causing authentication to fail with the GitHub MCP server.

Claude Model

Sonnet (default)

Is this a regression?

Yes, this worked in a previous version

Last Working Version

_No response_

Claude Code Version

2.0.1

Platform

Anthropic API

Operating System

macOS

Terminal/Shell

Terminal.app (macOS)

Additional Information

Environment
Claude Code VSCode Extension version: [your version]
VSCode version: [your version]
OS: macOS/Windows/Linux
Additional Context
This feature would align with standard development practices where configuration files reference environment variables for sensitive data, similar to how Docker Compose, GitHub Actions, and many other tools handle secrets.

View original on GitHub ↗

This issue has 5 comments on GitHub. Read the full discussion on GitHub ↗