User-Agent header in sHTTP transport is not forwarded to auth flow

[LucaButBoring]

Initial Checks

• I confirm that I'm using the latest version of MCP Python SDK
• I confirm that I searched for my issue in https://github.com/modelcontextprotocol/python-sdk/issues before opening this issue

Description

Passing a custom User-Agent header to the sHTTP transport, e.g. here does not result in auth flow requests including that user agent. There also does not appear to be any way to customize this behavior externally to the SDK itself.

In particular, this becomes a problem when working with AWS WAF, as one of its baseline rules is to require all requests to include a User-Agent header, to filter out low-grade spam.

I am currently recommending to internal teams that they disable this rule for the time being, but this is not a great solution for them, as it means removing an application guardrail to work around an SDK limitation.

Example Code

print("📡 Opening StreamableHTTP transport connection with auth...")
async with streamablehttp_client(
    url=self.server_url,
    auth=oauth_auth,
    timeout=timedelta(seconds=60),
    headers={
        "User-Agent": "mcp-python-sdk/0.1.0",
    },
) as (read_stream, write_stream, get_session_id):
    await self._run_session(read_stream, write_stream, get_session_id)

Python & MCP Python SDK

Latest SDK commit: 27279bc (1.22.0)
Python 3.13.2