Skip to content

Add allow_discovery field for MCP server visibility control #107

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Draft
wants to merge 6 commits into
base: main
Choose a base branch
from
Draft

Add allow_discovery field for MCP server visibility control #107

wants to merge 6 commits into from

Conversation

Copy link
Contributor

Copilot AI commented Nov 22, 2025
edited
Loading

Enables MCP servers to be visible in the marketplace to unauthorized users while restricting actual access. Users can see server metadata and contact information to request access, but tools/prompts remain hidden.

Backend Changes

  • Config: Added allow_discovery boolean field to MCPServerConfig (default: false)
  • Authorization: New get_discoverable_servers() method returns metadata-only view for unauthorized users
  • API: /api/config endpoint includes discoverable_servers array with limited server information

Frontend Changes

  • State: ChatContext and useChatConfig propagate discoverable servers from API
  • UI: MarketplacePanel renders discoverable servers with:
    • Lock icon + "No Access" badge
    • Grayed-out, non-selectable appearance
    • Server metadata (description, author, required groups)
    • "Request Access" email link (if help_email configured)
    • Hidden tools/prompts

Configuration Example

{
  "admin_tools": {
    "groups": ["admin"],
    "allow_discovery": true,
    "description": "Advanced analytics tools",
    "author": "Analytics Team", 
    "help_email": "analytics-access@example.com"
  }
}

Users lacking admin group membership see the server in the marketplace but cannot enable it. Only metadata is exposed; functionality remains protected by group authorization.

Security Model

  • Opt-in: Servers hidden by default unless allow_discovery: true
  • Exposed: Server name, description, author, help_email, required groups, compliance_level
  • Protected: Tools, prompts, functionality, tool counts
  • Authorization unchanged: Group membership still required for actual access
Original prompt

This section details on the original issue you should resolve

<issue_title>Allow mcp servers config to allow discoverability</issue_title>
<issue_description>In the mcp.json
allow an option that will let mcp servers to be discovered by users (they can see they exists) even if they don't have access.
this is off by default or if not specified.

The idea is that for some mcp servers that are access controlled, users could use the contact information to go request access to the needed group. Just knowing a capability exists and the right contact is helpful.

Only show the server overview and contact (not all the functions or prompts). </issue_description>

Comments on the Issue (you are @copilot in this section)

💡 You can make Copilot smarter by setting up custom instructions, customizing its development environment and configuring Model Context Protocol (MCP) servers. Learn more Copilot coding agent tips in the docs.

Copilot AI and others added 5 commits November 22, 2025 02:47
@garland3
Add allow_discovery field for MCP servers
87da5ff 
- Added allow_discovery field to MCPServerConfig (default: false)
- Implemented get_discoverable_servers method in MCPToolManager
- Updated /api/config endpoint to include discoverable_servers
- Frontend now displays discoverable servers with "No Access" badge and lock icon
- Discoverable servers show overview, contact info, and required groups only

Co-authored-by: garland3 <1162675+garland3@users.noreply.github.com>
@garland3
Add comprehensive tests for discoverable servers feature
b0c6dc6 
Co-authored-by: garland3 <1162675+garland3@users.noreply.github.com>
@garland3
Fix linting and add documentation for discoverability feature
6819a41 
- Removed unused import in client.py
- Added comprehensive documentation for allow_discovery feature
- All tests passing, linting clean

Co-authored-by: garland3 <1162675+garland3@users.noreply.github.com>
@garland3
Improve tooltip message for discoverable servers
9953b12 
- Make tooltip more specific based on whether help_email is available
- Direct users to use Request Access link when available
- Address code review feedback

Co-authored-by: garland3 <1162675+garland3@users.noreply.github.com>
@garland3
Add implementation summary and complete feature
9241d78 
- Added comprehensive implementation summary
- All tests passing (5 new + existing tests)
- Code review completed and addressed
- Security scan passed (0 vulnerabilities)
- Backend and frontend linting clean
- Manual testing completed successfully

Co-authored-by: garland3 <1162675+garland3@users.noreply.github.com>
Copilot AI changed the title [WIP] Add config option for mcp servers discoverability Add allow_discovery field for MCP server visibility control Nov 22, 2025
Copilot AI requested a review from garland3 November 22, 2025 03:01
Copilot finished work on behalf of garland3 November 22, 2025 03:01
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@garland3 garland3 Awaiting requested review from garland3

Assignees

@garland3 garland3

Copilot code review Copilot

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Allow mcp servers config to allow discoverability

2 participants

@garland3