Describe the bug
Summary: When connecting to a remote MCP server via http transport that assigns a session ID during initialization, GitHub Copilot does not include the Mcp-Session-Id header on subsequent requests, resulting in HTTP 400 errors.
Affected version
GitHub Copilot CLI 1.0.59
Actual behavior
The Mcp-Session-Id header from the server's initialize response is not persisted or sent on follow-up requests (e.g., tools/list, tools/call). The server responds with 400 Bad Request.
Expected behavior
Per the MCP Streamable HTTP specification (2025-06-18+), when a server returns an Mcp-Session-Id header in the initialize response, the client MUST include that header in all subsequent HTTP requests.
Other Info
Environment:
- Transport type: http
- Remote MCP server with sessions enabled
- MCP protocol version: 2025-11-25
Spec reference: https://modelcontextprotocol.io/specification/2025-11-25/basic/transports#session-management
Impact: Cannot use any session-dependent MCP server, including features like elicitation and sampling. Workaround is disabling sessions on the server side, which limits functionality.
Describe the bug
Summary: When connecting to a remote MCP server via http transport that assigns a session ID during initialization, GitHub Copilot does not include the Mcp-Session-Id header on subsequent requests, resulting in HTTP 400 errors.
Affected version
GitHub Copilot CLI 1.0.59
Actual behavior
The Mcp-Session-Id header from the server's initialize response is not persisted or sent on follow-up requests (e.g., tools/list, tools/call). The server responds with 400 Bad Request.
Expected behavior
Per the MCP Streamable HTTP specification (2025-06-18+), when a server returns an Mcp-Session-Id header in the initialize response, the client MUST include that header in all subsequent HTTP requests.
Other Info
Environment:
Spec reference: https://modelcontextprotocol.io/specification/2025-11-25/basic/transports#session-management
Impact: Cannot use any session-dependent MCP server, including features like elicitation and sampling. Workaround is disabling sessions on the server side, which limits functionality.