René's URL Explorer Experiment


Title: Bind authenticated identity to sessions in StreamableHTTPSessionManager · Issue #2100 · modelcontextprotocol/python-sdk · GitHub

Open Graph Title: Bind authenticated identity to sessions in StreamableHTTPSessionManager · Issue #2100 · modelcontextprotocol/python-sdk

X Title: Bind authenticated identity to sessions in StreamableHTTPSessionManager · Issue #2100 · modelcontextprotocol/python-sdk

Description: Problem StreamableHTTPSessionManager._handle_stateful_request routes incoming requests to existing sessions based solely on the Mcp-Session-Id header value. There is no check that the authenticated identity on the incoming request matche...

Open Graph Description: Problem StreamableHTTPSessionManager._handle_stateful_request routes incoming requests to existing sessions based solely on the Mcp-Session-Id header value. There is no check that the authenticated...

X Description: Problem StreamableHTTPSessionManager._handle_stateful_request routes incoming requests to existing sessions based solely on the Mcp-Session-Id header value. There is no check that the authenticated...

Opengraph URL: https://github.com/modelcontextprotocol/python-sdk/issues/2100

X: @github

direct link

Domain: github.com


Hey, it has json ld scripts:
{"@context":"https://schema.org","@type":"DiscussionForumPosting","headline":"Bind authenticated identity to sessions in StreamableHTTPSessionManager","articleBody":"## Problem\n\n`StreamableHTTPSessionManager._handle_stateful_request` routes incoming requests to existing sessions based solely on the `Mcp-Session-Id` header value. There is no check that the authenticated identity on the incoming request matches the identity that originally created the session.\n\nThe auth middleware (`BearerAuthBackend` / `RequireAuthMiddleware`) and session routing are completely decoupled layers — auth validates the token and stores it in a contextvar, while the session manager does a plain dict lookup on the header value. These two layers never cross-reference each other.\n\nThis means that if a valid `Mcp-Session-Id` is obtained by a different authenticated user (e.g., leaked via logs, shared infrastructure, or network interception without TLS), that user can send requests on the original session with no additional verification.\n\n## Expected behavior\n\nWhen auth is enabled, `_handle_stateful_request` should verify that the authenticated identity (e.g., `client_id` or subject from the access token) on the incoming request matches the identity that created the session. Requests with a mismatched identity should be rejected.\n\n## Proposed approach\n\n1. When a new session is created and auth is active, record the authenticated identity (from `AuthContextMiddleware` / `auth_context_var`) on the session or transport\n2. On subsequent requests to an existing session, compare the current request's authenticated identity against the stored one\n3. Reject with an appropriate error if they differ\n\nThis should happen at the session manager level, before the request reaches any handler.\n\n## Context\n\n- The `Mcp-Session-Id` is a `uuid4().hex` (128-bit random), so it is not guessable in practice\n- SEP-1299 and SEP-1415 in the spec repo discuss related session binding concerns at the protocol level\n- This is an SDK-level hardening that can be done independently of spec changes\n\n\u003csub\u003e[AI Disclaimer](https://gist.github.com/maxisbey/6123d132484e4c533eab519a2800693d)\u003c/sub\u003e","author":{"url":"https://github.com/maxisbey","@type":"Person","name":"maxisbey"},"datePublished":"2026-02-19T16:54:42.000Z","interactionStatistic":{"@type":"InteractionCounter","interactionType":"https://schema.org/CommentAction","userInteractionCount":1},"url":"https://github.com/2100/python-sdk/issues/2100"}

route-pattern/_view_fragments/issues/show/:user_id/:repository/:id/issue_layout(.:format)
route-controllervoltron_issues_fragments
route-actionissue_layout
fetch-noncev2:692a25bf-4c6c-7962-ab9d-e59ec8d33e47
current-catalog-service-hash81bb79d38c15960b92d99bca9288a9108c7a47b18f2423d0f6438c5b7bcd2114
request-id86F0:2A801F:9D05A:C4E41:6A5B5C9A
html-safe-nonce02b31aaea0301e0d6a922b9358fe8592cac192c8ed5d2942123fbbf6ecfeeaa0
visitor-payloadeyJyZWZlcnJlciI6IiIsInJlcXVlc3RfaWQiOiI4NkYwOjJBODAxRjo5RDA1QTpDNEU0MTo2QTVCNUM5QSIsInZpc2l0b3JfaWQiOiI3NTYzMzk2OTcyOTIzMjgwNTM4IiwicmVnaW9uX2VkZ2UiOiJpYWQiLCJyZWdpb25fcmVuZGVyIjoiaWFkIn0=
visitor-hmac25258a5df336b10085ffd81b633a42e2689a040333a3c240abae4a4c77c3004e
hovercard-subject-tagissue:3963975723
github-keyboard-shortcutsrepository,issues,copilot
google-site-verificationApib7-x98H0j5cPqHWwSMm6dNU4GmODRoqxLiDzdx9I
octolytics-urlhttps://collector.github.com/github/collect
analytics-location///voltron/issues_fragments/issue_layout
fb:app_id1401488693436528
apple-itunes-appapp-id=1477376905, app-argument=https://github.com/_view_fragments/issues/show/modelcontextprotocol/python-sdk/2100/issue_layout
twitter:imagehttps://opengraph.githubassets.com/d8db2ae33f982e450a0b37d7daca08f2b2205137865bf0d429d52a7aa8e38746/modelcontextprotocol/python-sdk/issues/2100
twitter:cardsummary_large_image
og:imagehttps://opengraph.githubassets.com/d8db2ae33f982e450a0b37d7daca08f2b2205137865bf0d429d52a7aa8e38746/modelcontextprotocol/python-sdk/issues/2100
og:image:altProblem StreamableHTTPSessionManager._handle_stateful_request routes incoming requests to existing sessions based solely on the Mcp-Session-Id header value. There is no check that the authenticated...
og:image:width1200
og:image:height600
og:site_nameGitHub
og:typeobject
og:author:usernamemaxisbey
hostnamegithub.com
expected-hostnamegithub.com
None5290d7e14309ad1e76106a9c4237bd1041517e83ea182c8ab756752cb0c6940b
turbo-cache-controlno-preview
go-importgithub.com/modelcontextprotocol/python-sdk git https://github.com/modelcontextprotocol/python-sdk.git
octolytics-dimension-user_id182288589
octolytics-dimension-user_loginmodelcontextprotocol
octolytics-dimension-repository_id862584018
octolytics-dimension-repository_nwomodelcontextprotocol/python-sdk
octolytics-dimension-repository_publictrue
octolytics-dimension-repository_is_forkfalse
octolytics-dimension-repository_network_root_id862584018
octolytics-dimension-repository_network_root_nwomodelcontextprotocol/python-sdk
turbo-body-classeslogged-out env-production page-responsive
disable-turbofalse
browser-stats-urlhttps://api.github.com/_private/browser/stats
browser-errors-urlhttps://api.github.com/_private/browser/errors
release9c975978430e9ad293956f2bbdaf153b1bd84a99
ui-targetfull
theme-color#1e2327
color-schemelight dark

Links:

Skip to contenthttps://github.com/modelcontextprotocol/python-sdk/issues/2100#start-of-content
https://github.com/
Sign in https://github.com/login?return_to=https%3A%2F%2Fgithub.com%2Fmodelcontextprotocol%2Fpython-sdk%2Fissues%2F2100
GitHub CopilotWrite better code with AIhttps://github.com/features/copilot
GitHub Copilot appDirect agents from issue to mergehttps://github.com/features/ai/github-app
MCP RegistryNewIntegrate external toolshttps://github.com/mcp
ActionsAutomate any workflowhttps://github.com/features/actions
CodespacesInstant dev environmentshttps://github.com/features/codespaces
IssuesPlan and track workhttps://github.com/features/issues
Code ReviewManage code changeshttps://github.com/features/code-review
GitHub Advanced SecurityFind and fix vulnerabilitieshttps://github.com/security/advanced-security
Code securitySecure your code as you buildhttps://github.com/security/advanced-security/code-security
Secret protectionStop leaks before they starthttps://github.com/security/advanced-security/secret-protection
Why GitHubhttps://github.com/why-github
Documentationhttps://docs.github.com
Bloghttps://github.blog
Changeloghttps://github.blog/changelog
Marketplacehttps://github.com/marketplace
View all featureshttps://github.com/features
Enterpriseshttps://github.com/enterprise
Small and medium teamshttps://github.com/team
Startupshttps://github.com/enterprise/startups
Nonprofitshttps://github.com/solutions/industry/nonprofits
App Modernizationhttps://github.com/solutions/use-case/app-modernization
DevSecOpshttps://github.com/solutions/use-case/devsecops
DevOpshttps://github.com/solutions/use-case/devops
CI/CDhttps://github.com/solutions/use-case/ci-cd
View all use caseshttps://github.com/solutions/use-case
Healthcarehttps://github.com/solutions/industry/healthcare
Financial serviceshttps://github.com/solutions/industry/financial-services
Manufacturinghttps://github.com/solutions/industry/manufacturing
Governmenthttps://github.com/solutions/industry/government
View all industrieshttps://github.com/solutions/industry
View all solutionshttps://github.com/solutions
AIhttps://github.com/resources/articles?topic=ai
Software Developmenthttps://github.com/resources/articles?topic=software-development
DevOpshttps://github.com/resources/articles?topic=devops
Securityhttps://github.com/resources/articles?topic=security
View all topicshttps://github.com/resources/articles
Customer storieshttps://github.com/customer-stories
Events & webinarshttps://github.com/resources/events
Ebooks & reportshttps://github.com/resources/whitepapers
Business insightshttps://github.com/solutions/executive-insights
GitHub Skillshttps://skills.github.com
Documentationhttps://docs.github.com
Customer supporthttps://support.github.com
Community forumhttps://github.com/orgs/community/discussions
Trust centerhttps://github.com/trust-center
Partnershttps://github.com/partners
View all resourceshttps://github.com/resources
GitHub SponsorsFund open source developershttps://github.com/open-source/sponsors
Security Labhttps://securitylab.github.com
Maintainer Communityhttps://maintainers.github.com
Acceleratorhttps://github.com/open-source/accelerator
GitHub Starshttps://stars.github.com
Archive Programhttps://archiveprogram.github.com
Topicshttps://github.com/topics
Trendinghttps://github.com/trending
Collectionshttps://github.com/collections
Enterprise platformAI-powered developer platformhttps://github.com/enterprise
GitHub Advanced SecurityEnterprise-grade security featureshttps://github.com/security/advanced-security
Copilot for BusinessEnterprise-grade AI featureshttps://github.com/features/copilot/copilot-business
Premium SupportEnterprise-grade 24/7 supporthttps://github.com/enterprise/premium-support
Pricinghttps://github.com/pricing
Search syntax tipshttps://docs.github.com/search-github/github-code-search/understanding-github-code-search-syntax
documentationhttps://docs.github.com/search-github/github-code-search/understanding-github-code-search-syntax
Sign in https://github.com/login?return_to=https%3A%2F%2Fgithub.com%2Fmodelcontextprotocol%2Fpython-sdk%2Fissues%2F2100
Sign up https://github.com/signup?ref_cta=Sign+up&ref_loc=header+logged+out&ref_page=%2F%3Cuser-name%3E%2F%3Crepo-name%3E%2Fvoltron%2Fissues_fragments%2Fissue_layout&source=header-repo&source_repo=modelcontextprotocol%2Fpython-sdk
Reloadhttps://github.com/modelcontextprotocol/python-sdk/issues/2100
Reloadhttps://github.com/modelcontextprotocol/python-sdk/issues/2100
Reloadhttps://github.com/modelcontextprotocol/python-sdk/issues/2100
Please reload this pagehttps://github.com/modelcontextprotocol/python-sdk/issues/2100
modelcontextprotocol https://github.com/modelcontextprotocol
python-sdkhttps://github.com/modelcontextprotocol/python-sdk
Notifications https://github.com/login?return_to=%2Fmodelcontextprotocol%2Fpython-sdk
Fork 3.7k https://github.com/login?return_to=%2Fmodelcontextprotocol%2Fpython-sdk
Star 23.6k https://github.com/login?return_to=%2Fmodelcontextprotocol%2Fpython-sdk
Code https://github.com/modelcontextprotocol/python-sdk
Issues 258 https://github.com/modelcontextprotocol/python-sdk/issues
Pull requests 303 https://github.com/modelcontextprotocol/python-sdk/pulls
Actions https://github.com/modelcontextprotocol/python-sdk/actions
Projects https://github.com/modelcontextprotocol/python-sdk/projects
Models https://github.com/modelcontextprotocol/python-sdk/models
Security and quality 6 https://github.com/modelcontextprotocol/python-sdk/security
Insights https://github.com/modelcontextprotocol/python-sdk/pulse
Code https://github.com/modelcontextprotocol/python-sdk
Issues https://github.com/modelcontextprotocol/python-sdk/issues
Pull requests https://github.com/modelcontextprotocol/python-sdk/pulls
Actions https://github.com/modelcontextprotocol/python-sdk/actions
Projects https://github.com/modelcontextprotocol/python-sdk/projects
Models https://github.com/modelcontextprotocol/python-sdk/models
Security and quality https://github.com/modelcontextprotocol/python-sdk/security
Insights https://github.com/modelcontextprotocol/python-sdk/pulse
Bind authenticated identity to sessions in StreamableHTTPSessionManagerhttps://github.com/modelcontextprotocol/python-sdk/issues/2100#top
authIssues and PRs related to Authentication / OAuthhttps://github.com/modelcontextprotocol/python-sdk/issues?q=state%3Aopen%20label%3A%22auth%22
v2Ideas, requests and plans for v2 of the SDK which will incorporate major changes and fixeshttps://github.com/modelcontextprotocol/python-sdk/issues?q=state%3Aopen%20label%3A%22v2%22
https://github.com/maxisbey
maxisbeyhttps://github.com/maxisbey
on Feb 19, 2026https://github.com/modelcontextprotocol/python-sdk/issues/2100#issue-3963975723
AI Disclaimerhttps://gist.github.com/maxisbey/6123d132484e4c533eab519a2800693d
authIssues and PRs related to Authentication / OAuthhttps://github.com/modelcontextprotocol/python-sdk/issues?q=state%3Aopen%20label%3A%22auth%22
v2Ideas, requests and plans for v2 of the SDK which will incorporate major changes and fixeshttps://github.com/modelcontextprotocol/python-sdk/issues?q=state%3Aopen%20label%3A%22v2%22
https://github.com
Termshttps://docs.github.com/site-policy/github-terms/github-terms-of-service
Privacyhttps://docs.github.com/site-policy/privacy-policies/github-privacy-statement
Securityhttps://github.com/security
Statushttps://www.githubstatus.com/
Communityhttps://github.community/
Docshttps://docs.github.com/
Contacthttps://support.github.com?tags=dotcom-footer

Viewport: width=device-width


URLs of crawlers that visited me.