Summary
Implement the MCP server route handler inside the shell created by #7426. This makes the endpoint functional and testable end-to-end with any MCP client, even before tools are registered.
Requirements
Route handler
- Implement the
POST /api/v1/mcp handler in forge/ee/routes/mcpServer/index.js
- Per-request
McpServer + StreamableHTTPServerTransport instantiation
- Hijack the raw Node.js request/response from Fastify (JSON-RPC protocol requires direct control over the response)
- Reject non-POST methods with 405
Authentication
verifySession is already applied globally to all EE routes, PAT Bearer token auth comes for free- Reject non-user tokens (project, device, team, broker tokens should not be able to use the MCP endpoint)
MCP protocol basics
- Handle
initialize handshake
- Respond to
tools/list with an empty tool list
- Endpoint should be fully functional for MCP client connections, just with no tools registered yet
Tests
- Unauthenticated requests rejected
- Non-user tokens rejected (project/device tokens)
- MCP
initialize handshake completes successfully
tools/list returns empty array- GET/DELETE return 405
References
Summary
Implement the MCP server route handler inside the shell created by #7426. This makes the endpoint functional and testable end-to-end with any MCP client, even before tools are registered.
Requirements
Route handler
POST /api/v1/mcphandler inforge/ee/routes/mcpServer/index.jsMcpServer+StreamableHTTPServerTransportinstantiationAuthentication
verifySessionis already applied globally to all EE routes, PAT Bearer token auth comes for freeMCP protocol basics
initializehandshaketools/listwith an empty tool listTests
initializehandshake completes successfullytools/listreturns empty arrayReferences