Skip to content

Correct custom mcpTools auth wording: anonymously invocable, no login gate#574

Merged
kylebernhardy merged 1 commit into
mainfrom
docs/mcp-tools-anonymous-566
Jul 8, 2026
Merged

Correct custom mcpTools auth wording: anonymously invocable, no login gate#574
kylebernhardy merged 1 commit into
mainfrom
docs/mcp-tools-anonymous-566

Conversation

@kylebernhardy

Copy link
Copy Markdown
Member

Fixes #566.

The Custom mcpTools section claimed "Authentication is "is the user logged in" only" — inaccurate: custom tools register with visibleTo: () => true, the MCP route mounts with no auth requirement, and an anonymous session can list and call them (verified live by the reporter on 5.1.15, and consistent with the anonymous-session posture verified during harper#1613/#1633). The paragraph now states the anonymous exposure plainly, contrasts it with the RBAC-filtered auto verb tools, and tells authors exactly how to gate (context.user check in the method).

Same wording had been copied into the pending mcpResources docs (#567) — corrected there in its own branch.

Generated by an LLM (Claude Fable 5).

… gate

Fixes #566. The "is the user logged in only" claim was wrong — custom
tools register with visibleTo: () => true and the MCP route imposes no
auth requirement, so anonymous sessions can list and call them. Now
states that plainly and contrasts with the RBAC-filtered verb tools.

Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>
@kylebernhardy kylebernhardy requested a review from a team as a code owner July 8, 2026 14:56
@kylebernhardy kylebernhardy requested a review from kriszyp July 8, 2026 14:56

@gemini-code-assist gemini-code-assist Bot left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Code Review

This pull request updates the documentation in reference/mcp/tools-and-resources.md to clarify security behaviors for custom tools. Specifically, it highlights that custom tools are exposed to all MCP sessions, including anonymous and unauthenticated ones, and that developers must implement their own access control checks within the tool's method. There are no review comments, so I have no feedback to provide.

@github-actions github-actions Bot temporarily deployed to pr-574 July 8, 2026 14:59 Inactive
@github-actions

github-actions Bot commented Jul 8, 2026

Copy link
Copy Markdown

🚀 Preview Deployment

Your preview deployment is ready!

🔗 Preview URL: https://preview.harper-documentation.harperfabric.com/pr-574

This preview will update automatically when you push new commits.

@kylebernhardy kylebernhardy merged commit 2fc0fff into main Jul 8, 2026
7 checks passed
@kylebernhardy kylebernhardy deleted the docs/mcp-tools-anonymous-566 branch July 8, 2026 20:49
@github-actions

github-actions Bot commented Jul 8, 2026

Copy link
Copy Markdown

🧹 Preview Cleanup

The preview deployment for this PR has been removed.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

docs(mcp): custom mcpTools are invocable anonymously — "logged in only" wording is incorrect

3 participants