API key for SSE MCP servers

idncsk · May 31, 2025, 6:18am

Guess no news about header support till this day right?

vscode-insiders works nicely

"mcp": {

    "servers": {
        "canvas-server": {
            "type": "sse",
            "url": "http://localhost:8002/sse",
            "headers": {
                "Authorization": "Bearer canvas-6ae3.."
            }
        }
    }
}

vz10 · June 2, 2025, 12:47am

It’s kinda irony that Cursor that is supposed to be AI-first comparing to VSCode actually lagging behind in terms of MCP support. ¯_(ツ)_/¯

sgraphics · June 4, 2025, 10:33am

Any support for api key headers yet? Can not provide access to my service unless I can identify the user - need it for spam, context, quotas etc.

condor · June 4, 2025, 10:40am

Yes that makes sense, I added my vote to it. Also for security reasons more and more MCP servers will start using OAuth.

sriramz · June 9, 2025, 1:37pm

This is becoming a requirement for us to enable our in-house MCP, so we’re a bit bummed that it’s not officially supported yet.
Do you have any updates on when this will be available?

ayushagwl499 · June 13, 2025, 4:43am

This would be a great feature and open up multi tenant MCP servers! Bummer that we don’t have it on cursor yet

Sai_Kiran_Rathan · June 19, 2025, 5:34pm

This is need of the hour, We want to host MCP’s internally and need to supply tokens user specific instead of hardcoding it in the MCP

avi-pinecone · June 23, 2025, 1:59pm

Finally, they have it
Tested with streamable-http transport (against our Pinecone Assistant remote MCP server).
The relevant section in the docs is updated as well: Cursor – Model Context Protocol

condor · June 23, 2025, 3:09pm

How do you authenticate in cursor using streamable?

avi-pinecone · June 23, 2025, 4:56pm

You can use bearer token for example. See their example in the “Remote Server” tab.

condor · June 23, 2025, 7:14pm

So it should be something like this, right? (I dont have a streamable SSE MCP at the moment to test)

{
  "mcpServers": {
    "my-api-server": {
      "url": "https://api.example.com/mcp",
      "headers": {
        "Authorization": "Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...",
        "Content-Type": "application/json"
      }
    }
  }
}

sriramz · July 22, 2025, 6:45pm

Hi team,

Is there already a feature or will we get a feature to read from env for headers?
It’s very critical when the mcp.json is checked into repositories, where we won’t be having users adding there auth headers.

VSCode already has this support through direct env directive or through input syntax in MCP.

It would be great if we have it as well.

Topic		Replies	Views
Cursor MCP requests do not honour API-key provision to sse (only stdio works) Bug Reports	10	799	June 21, 2025
Cursor configuration MCP Server error Bug Reports	2	724	June 24, 2025
The mcp sse env parameter cannot be passed Bug Reports	1	293	May 27, 2025
Solved: Specify SSE Server in mcp.json How To	3	2554	April 4, 2025
SSE endpoint MCP does not work with CLI Bug Reports	0	35	August 19, 2025

API key for SSE MCP servers

Related topics