Custom Header Authentication for Remote MCP Servers

·

For remote MCP servers, allowing a custom header for authentication would be helpful. I'm trying to integrate Statsig, but it doesn't accept a standard Bearer token header. https://docs.statsig.com/integrations/mcp/

1 comment

Jon Wu

·

I deployed a proxy via Cloudflare Workers to rewrite this, and that did the job

/**
 * Cloudflare Worker to proxy requests to the Statsig MCP server,
 * rewriting the Authorization header to STATSIG-API-KEY.
 *
 * This allows the Statsig MCP server to be added as a remote MCP server to Dust,
 * which only supports adding Bearer tokens for authentication, and not custom headers.
 */
export default {
  async fetch(request) {
    const url = new URL(request.url)
    const targetUrl = `https://api.statsig.com${url.pathname}${url.search}`

    const newHeaders = new Headers(request.headers)

    // Rewrite the Authorization header to STATSIG-API-KEY
    const authHeader = newHeaders.get('Authorization')
    if (authHeader && authHeader.startsWith('Bearer ')) {
      const token = authHeader.substring(7)
      newHeaders.set('STATSIG-API-KEY', token)
      newHeaders.delete('Authorization')
    }

    // Forward the request to the Statsig MCP server
    const proxyRequest = new Request(targetUrl, {
      method: request.method,
      headers: newHeaders,
      body: request.body,
      redirect: 'manual'
    })

    return fetch(proxyRequest)
  }
}

💡1