Skip to content

Add Streamable HTTP documentation #1968

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
SamMorrowDrums merged 4 commits into from
Feb 6, 2026
Merged

Add Streamable HTTP documentation #1968

Changes from all commits
Commits
Show all changes
4 commits
Select commit Hold shift + click to select a range
5384e23
Add Streamable HTTP documentation
omgitsads Feb 6, 2026
f5d86f0
Update docs/streamable-http.md
omgitsads Feb 6, 2026
8203457
Don't use privilaged ports or https for docs
omgitsads Feb 6, 2026
ed91a66
Merge branch 'main' into http-docs
omgitsads Feb 6, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
93 changes: 93 additions & 0 deletions docs/streamable-http.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,93 @@
# Streamable HTTP Server

The Streamable HTTP mode enables the GitHub MCP Server to run as an HTTP service, allowing clients to connect via standard HTTP protocols. This mode is ideal for deployment scenarios where stdio transport isn't suitable, such as reverse proxy setups, containerized environments, or distributed architectures.

## Features

- **Streamable HTTP Transport** — Full HTTP server with streaming support for real-time tool responses
- **OAuth Metadata Endpoints** — Standard `.well-known/oauth-protected-resource` discovery for OAuth clients
- **Scope Challenge Support** — Automatic scope validation with proper HTTP 403 responses and `WWW-Authenticate` headers
- **Scope Filtering** — Restrict available tools based on authenticated credentials and permissions
- **Custom Base Paths** — Support for reverse proxy deployments with customizable base URLs

## Running the Server

### Basic HTTP Server

Start the server on the default port (8082):

```bash
github-mcp-server http
```

The server will be available at `http://localhost:8082`.

### With Scope Challenge

Enable scope validation to enforce GitHub permission checks:

```bash
github-mcp-server http --scope-challenge
```

When `--scope-challenge` is enabled, requests with insufficient scopes receive a `403 Forbidden` response with a `WWW-Authenticate` header indicating the required scopes.

### With OAuth Metadata Discovery

For use behind reverse proxies or with custom domains, expose OAuth metadata endpoints:

```bash
github-mcp-server http --scope-challenge --base-url https://myserver.com --base-path /mcp
```

The OAuth protected resource metadata's `resource` attribute will be populated with the full URL to the server's protected resource endpoint:

```json
{
"resource_name": "GitHub MCP Server",
"resource": "https://myserver.com/mcp",
"authorization_servers": [
"https://github.com/login/oauth"
],
"scopes_supported": [
"repo",
...
],
...
}
```

This allows OAuth clients to discover authentication requirements and endpoint information automatically.

## Client Configuration

### Using OAuth Authentication

If your IDE or client has GitHub credentials configured (i.e. VS Code), simply reference the HTTP server:

```json
{
"type": "http",
"url": "http://localhost:8082"
}
```

The server will use the client's existing GitHub authentication.

### Using Bearer Tokens or Custom Headers

To provide PAT credentials, or to customize server behavior preferences, you can include additional headers in the client configuration:

```json
{
"type": "http",
"url": "http://localhost:8082",
"headers": {
"Authorization": "Bearer ghp_yourtokenhere",
"X-MCP-Toolsets": "default",
"X-MCP-Readonly": "true"
}
}
```

See [Remote Server](./remote-server.md) documentation for more details on client configuration options.