Adjust MCP tool approval handling for custom servers#11787
Conversation
|
All contributors have signed the CLA ✍️ ✅ |
|
I have read the CLA Document and I hereby sign the CLA |
colby-oai
force-pushed
the
dev/colby-oai/custom_mcp_approval_check
branch
from
10089f1 to
ecae922
Compare
| url: None, | ||
| }) | ||
| } else { | ||
| None |
There was a problem hiding this comment.
Why dropping elicitation for custom MCPs? I do think we have support for custom MCPs that @nornagon-openai built.
There was a problem hiding this comment.
@mzeng-openai we do have support for server-driven elicitation for custom MCPs, yes. However we essentially need to make a choice between:
- rely on custom/random mcp servers to elicit at proper times
- rely on client-side annotations (+ CAM and other controls in the near future)
Otherwise, we risk the bad UX of double approvals. The choice we felt was better here was to not advertise that we support elicitation for custom mcps and instead look at annotations.
There was a problem hiding this comment.
Can we restrict this to custom MCPs only? I don't think we want to just use clientside approval and bypass serverside elicitation all at once for Apps, since we have CAM and all other serverside monitors.
There was a problem hiding this comment.
@mzeng-openai
Absolutely! The only changes in this PR should be related to custom MCPs. Nothing in this PR touches how codex apps work
There was a problem hiding this comment.
My understanding is currently (before this PR), codex apps are also doing client-side annotation checks. I understand they won't/shouldn't in the very near future as we use connector gateway.
My change in this pr though, is simply extending the annotation checks that exist for codex apps to apply to custom MCPs as well
3 participants
Summary
This PR expands MCP client-side approval behavior beyond codex_apps and tightens elicitation capability signaling.
server-specific prompt copy behavior
codex-apps-only elicitation capability advertisement
Testing