René's URL Explorer Experiment


Title: Work through the spec-conformance gaps recorded by the interaction suite by maxisbey · Pull Request #2999 · modelcontextprotocol/python-sdk · GitHub

Open Graph Title: Work through the spec-conformance gaps recorded by the interaction suite by maxisbey · Pull Request #2999 · modelcontextprotocol/python-sdk

X Title: Work through the spec-conformance gaps recorded by the interaction suite by maxisbey · Pull Request #2999 · modelcontextprotocol/python-sdk

Description: The tests/interaction/ suite is requirement-tagged against the MCP specification. Where the SDK's behaviour fell short of the spec, the suite did not skip or xfail: it pinned the actual behaviour and recorded the gap on the requirement entry. This PR is a burn-down of those recorded gaps. It fixes fourteen of them in code (and deletes a fifteenth whose behaviour had already been fixed but whose record had gone stale), narrows three more to a precisely-stated residual, records two as deliberate, ecosystem-consistent choices, and closes three long-standing upstream issues along the way. It spans the server's bearer-token gate, the bundled OAuth authorization server, the OAuth client's use of discovered metadata, the JSON-RPC error surface for cancellation / handler crashes / unhandled client callbacks, the initialize handshake, an opt-in client-side capability pre-check, the explicit-token progress API, and the elicitation requested-schema type. For every behaviour change, the existing requirement-tagged test flips from pinning the gap to pinning the spec behaviour, so the suite stays the source of truth for what conforms and what does not. Commits Commit / subject What it closes, by behaviour 68e4eb28 Tighten requirements-catalog divergence notes to match current SDK behaviour Bookkeeping only — no runtime change. Corrects four requirement entries whose recorded-gap notes had gone stale (one behaviour was already fixed; three were re-scoped or re-classified as intentional, cross-SDK-consistent choices). bad42e28 Emit RFC 6750 scope= in WWW-Authenticate and validate token audience The resource server's 401/403 challenges now advertise the required scopes via scope= (which the SDK client already reads to drive step-up); a request with no credentials gets a bare Bearer challenge instead of error="invalid_token" (RFC 6750 §3.1 says the error attribute SHOULD NOT appear when nothing was presented); and a token whose RFC 8707 audience names a different server is now rejected 401 invalid_token. 47639a2b Stop replying to cancelled requests; map unhandled handler exceptions to -32603 A request cancelled via notifications/cancelled now gets no response, per the spec's SHOULD (it was answered with code: 0). An unhandled exception in a request handler now produces JSON-RPC -32603 (INTERNAL_ERROR) with an opaque message instead of code: 0 carrying str(exc) — handler internals no longer leak to the peer; the exception is still logged server-side. raise MCPError(...) for a specific code is unchanged. a1734460 Reject bearer tokens that carry no audience claim Closes the hole the previous commit left: a verified token with no resource indicator at all was still accepted. When resource_server_url is configured the gate now fails closed (401 invalid_token). AuthSettings(verifier_validates_audience=True) opts out for verifiers that enforce aud themselves and cannot surface the claim; RefreshToken.resource is added so the audience binding survives a refresh. The SDK's own tutorials and example servers were teaching the bug and are fixed in the same commit. 884badc9 Use spec error codes for unhandled elicitation/create and roots/list When a client has no elicitation_callback / list_roots_callback, the SDK still answers the server on its behalf. Those answers now use the codes the spec assigns — -32602 for elicitation/create (a client with no callback declared no modes, and a request for an undeclared mode MUST be answered -32602) and -32601 for roots/list — instead of -32600 for both. Messages unchanged; sampling stays at -32600 (the spec assigns no code there). 24061fe9 Reject non-HTTPS, non-loopback redirect URIs at client registration The bundled authorization server's /register accepted any well-formed URL as a redirect_uris entry — cleartext http:// on a non-loopback host, javascript:, data:, fragment-carrying URIs. It now rejects anything that is not HTTPS or a loopback host (localhost, 127.0.0.1, [::1]) with 400 invalid_client_metadata, and rejects fragments (OAuth 2.1 §2.3). Separately, /token now answers an authorization-code exchange whose redirect_uri does not match the one used at /authorize with error=invalid_grant (RFC 6749 §5.2) instead of invalid_request. Closes #2629. 3eb352c8 Align OAuth client with spec on PKCE verification and scope selection (a) The client now verifies PKCE support before starting an authorization-code grant, as the spec's Authorization Code Protection section requires: if AS metadata was discovered and its code_challenge_methods_supported is absent or omits S256, the flow raises OAuthFlowError instead of redirecting. (b) The client stops reading the authorization server's scopes_supported as a scope fallback — that list is a superset of any one resource's, so the SDK over-requested and triggered real access_denied failures. The spec's chain is WWW-Authenticate scope= → PRM scopes_supported → omit. Closes #1307. 1e2bd9be Reject a second initialize on an already-initialized session A repeated initialize on a live connection was answered as a fresh handshake, silently overwriting the session's recorded client_params and negotiated protocol version — so a later check_capability answered against the second client's capabilities. It is now rejected -32600 ("Session already initialized") and the established session keeps serving. No compliant client is affected (ClientSession.initialize() is already idempotent). Legacy-only: 2026-07-28 removes initialize. Closes #2605. 8f60ebe5 Make the prompt test's opaque coverage workaround explicit Test-only: a two-line comment explaining a deliberately non-obvious shape in one prompt test, so the next reader does not "fix" it into a coverage violation. 28f500c7 Add an opt-in strict_capabilities flag to Client and ClientSession Additive, default-off. Client(..., strict_capabilities=True) rejects, before the request reaches the transport, a call to a method whose required server capability the connected server did not advertise — e.g. list_resources() against a server that only advertised tools, or subscribe_resource() when the server's resources capability does not set subscribe. The rejection is an MCPError with -32601 (METHOD_NOT_FOUND), the same code a compliant server returns for an unadvertised capability, so opting in changes where the rejection happens, not what callers catch. Mirrors the TypeScript SDK's enforceStrictCapabilities (also default-off); the same keyword-only parameter exists on ClientSession. Because the gate reads the negotiated server capabilities, combining it with a bare version pin (where the client never learns them) is refused at construction with a ValueError that names the fix. The method-to-capability table is exported as mcp_types.methods.SERVER_CAPABILITY_REQUIREMENTS, and the lifecycle capability-rule requirement entry is no longer marked untested. eddfa29d Deprecate ServerSession.send_progress_notification send_progress_notification takes an explicit progress token decoupled from any request's lifetime, so it can keep emitting progress for a request that has already completed — which the spec forbids ("Progress notifications MUST stop after completion"). It is deprecated in favour of the request-scoped Context.report_progress() / ServerSession.report_progress(), which reports against the inbound request's own token, no-ops when the caller did not ask for progress, and is closed with the request. The deprecated method keeps working and emits MCPDeprecationWarning. To make "stops when the request completes" hold on every dispatcher, the in-process direct dispatcher now closes its context with the request the way the JSON-RPC one already did. 3605ec09 Type the elicitation requested schema on the send side ElicitRequestedSchema was a TypeAlias for dict[str, Any]; it is now a Pydantic model of the spec's restricted requested-schema subset, backed by a new PrimitiveSchemaDefinition union. ServerSession.elicit_form() (and the deprecated elicit() alias) and ClientPeer.elicit_form() accept only this model, so a nested-object property, an array-of-objects property, or an anyOf union is unconstructible at the only place a server author supplies a schema, rather than silently forwarded to the client — the spec restricts form-mode requested schemas to flat objects with primitive-typed properties ("complex nested structures, arrays of objects … are intentionally not supported"). The high-level Context.elicit() / elicit_with_validation() path is unchanged. Inbound is deliberately untouched: ElicitRequestFormParams.requested_schema stays a plain dict[str, Any] on the wire, so older servers that emit anyOf for Optional form fields still reach the client's elicitation callback. c2b3e8ee Record two divergences as intentional, ecosystem-consistent choices Bookkeeping only — no code or test behaviour change. Two interaction-suite divergence notes described their gaps as unenforced spec MUSTs without saying whether closing them was planned; both are deliberate and the notes now say so. (1) stdio_server does not redirect sys.stdout, so a handler print() corrupts the protocol stream — no MCP SDK redirects stdout, and a redirect would only catch print(), not os.write(1, ...) or C extensions writing to fd 1, so it would be a partial guard rather than a structural fix; the logging tutorial already tells stdio server authors to log to stderr. (2) No MCP SDK validates sender-side progress monotonicity; that MUST is a contract on the handler author, not on the transport, and the test pins the unvalidated pass-through. Motivation These are all places where the SDK was provably out of step with normative spec text (or an RFC the spec defers to). Three of them are reported user-facing bugs (#2629, #1307, #2605); the auth ones matter most — a resource server that accepts audience-unbound tokens, or a built-in authorization server that registers javascript: redirect URIs, is the kind of default a user has no way to notice. Working through them as one burn-down keeps the requirement manifest honest: a gap that is fixed loses its record, a gap that is partially closed gets a record stating exactly the residual, and a gap that is a deliberate choice says so — so what remains recorded is real and current. Tested ./scripts/test (the full suite under the 100% line+branch coverage gate plus strict-no-cover) is green at HEAD: 4303 passed, 7 skipped, 1 xfailed (the one xfail is pre-existing and unrelated — a Pydantic AnyUrl trailing-slash quirk in tests/client/test_auth.py), coverage 100.00%. pyright reports 0 errors; ruff check / ruff format are clean; the new-suppression audit (git diff ... | grep -E '^\+.*(pragma|type: ignore|noqa)') is empty. Every behaviour change flips an existing requirement-tagged interaction test rather than only adding a new one, so the old behaviour cannot silently come back. New tests cover the fail-closed audience gate (including the verifier_validates_audience opt-out and the refresh chain), the loopback/fragment matrix at /register, the PKCE-refusal arms (absent field, list without S256, no-metadata leniency), the double-initialize rejection on stdio, stateful HTTP, and stateless HTTP, the strict_capabilities pre-wire rejection alongside the default send-and-surface behaviour, the request-scoped progress close on both dispatchers, and the typed ElicitRequestedSchema construction/rejection matrix and its to_wire() round-trip. Breaking changes All documented in docs/migration.md (one section each): Bearer tokens are rejected unless their audience names this server — including tokens that carry no resource indicator at all. Populate AccessToken.resource in your TokenVerifier (recommended; the examples now show it), or set AuthSettings(verifier_validates_audience=True) if your verifier already enforces aud and cannot surface it. resource_server_url=None still disables the check. Bundled authorization server: RFC-correct redirect-URI handling — /register rejects non-HTTPS, non-loopback, and fragment-carrying redirect URIs with invalid_client_metadata (this also rejects RFC 8252 private-use schemes such as com.example.app:/callback; MCP allows only HTTPS or loopback); /token answers a redirect-URI mismatch with invalid_grant instead of invalid_request. OAuth client refuses to authorize when AS metadata does not advertise S256 PKCE — OAuthFlowError instead of proceeding. No SDK-side opt-out: an authorization server that supports S256 but omits the field needs its published metadata fixed (RFC 8414 §2). OAuth client no longer reads scopes_supported from authorization-server metadata to choose a scope — if that was your only scope source, the client now omits scope entirely; pass an explicit scope on OAuthClientMetadata to keep the old request. Unhandled handler exceptions return -32603; cancelled requests get no reply — code that matched on the previous code: 0 responses must update; raise MCPError for a specific code, and note the exception text is now logged, not sent. Unhandled elicitation/create returns -32602; unhandled roots/list returns -32601 — server code that branched on error.code == -32600 to detect a client without these should switch codes, or (better) check the client's declared capabilities before sending. A second initialize on an already-initialized session is rejected with -32600 ("Session already initialized"). A peer that needs a fresh handshake opens a new connection (on streamable HTTP, a POST without Mcp-Session-Id). ServerSession.elicit_form() (and the deprecated elicit() alias) and ClientPeer.elicit_form() now take a typed mcp_types.ElicitRequestedSchema, not an arbitrary dict[str, Any] — ElicitRequestedSchema is the model now, no longer a TypeAlias for dict[str, Any]. Build it directly (ElicitRequestedSchema(properties={"x": StringSchema(type="string")}, required=["x"])) or validate an existing JSON Schema dict with ElicitRequestedSchema.model_validate(...). Schemas with nested-object properties, array-of-objects properties, or anyOf unions are rejected at construction instead of being forwarded. The high-level Context.elicit() / elicit_with_validation() path and the inbound/wire representation are unchanged. ServerSession.send_progress_notification() is deprecated in favour of the request-scoped Context.report_progress() / ServerSession.report_progress(). The method still works, but every call now emits mcp.MCPDeprecationWarning — so test suites that run with filterwarnings = ["error"] (or -W error) will start failing on it. report_progress uses the inbound request's own token and cannot emit progress after that request has completed, which is what the spec requires. Not a breaking change, but called out for completeness: Client(..., strict_capabilities=) (and the same keyword on ClientSession) is additive and opt-in. The default is False and the default behaviour is byte-for-byte unchanged — every request is still sent and the server's answer is still surfaced. Closes Closes #2629 Closes #1307 Closes #2605 AI Disclaimer

Open Graph Description: The tests/interaction/ suite is requirement-tagged against the MCP specification. Where the SDK's behaviour fell short of the spec, the suite did not skip or xfail: it pinned the actual behavio...

X Description: The tests/interaction/ suite is requirement-tagged against the MCP specification. Where the SDK's behaviour fell short of the spec, the suite did not skip or xfail: it pinned the actual beh...

Opengraph URL: https://github.com/modelcontextprotocol/python-sdk/pull/2999

X: @github

direct link

Domain: github.com

route-pattern/:user_id/:repository/pull/:id/files(.:format)
route-controllerpull_requests
route-actionfiles
fetch-noncev2:0c6aea53-9251-7cd6-ce72-04982e66da1d
current-catalog-service-hashae870bc5e265a340912cde392f23dad3671a0a881730ffdadd82f2f57d81641b
request-id986C:15E77E:9B9E50:D0F3D5:6A593911
html-safe-nonce2c5e16386a1db0149245c951fd5c15a4f3253aacc87084fc5568a02fcde5b6b0
visitor-payloadeyJyZWZlcnJlciI6IiIsInJlcXVlc3RfaWQiOiI5ODZDOjE1RTc3RTo5QjlFNTA6RDBGM0Q1OjZBNTkzOTExIiwidmlzaXRvcl9pZCI6IjEzNDY0NDczOTcyNzc2NzgyNSIsInJlZ2lvbl9lZGdlIjoiaWFkIiwicmVnaW9uX3JlbmRlciI6ImlhZCJ9
visitor-hmac35c09ee7865ceef83e6d80c2d499d235eeba3ee405a447505fac46d418315993
hovercard-subject-tagpull_request:3942876760
github-keyboard-shortcutsrepository,pull-request-list,pull-request-conversation,pull-request-files-changed,copilot
google-site-verificationApib7-x98H0j5cPqHWwSMm6dNU4GmODRoqxLiDzdx9I
octolytics-urlhttps://collector.github.com/github/collect
analytics-location///pull_requests/show/files
fb:app_id1401488693436528
apple-itunes-appapp-id=1477376905, app-argument=https://github.com/modelcontextprotocol/python-sdk/pull/2999/files
twitter:imagehttps://avatars.githubusercontent.com/u/224885523?s=400&v=4
twitter:cardsummary_large_image
og:imagehttps://avatars.githubusercontent.com/u/224885523?s=400&v=4
og:image:altThe tests/interaction/ suite is requirement-tagged against the MCP specification. Where the SDK's behaviour fell short of the spec, the suite did not skip or xfail: it pinned the actual behavio...
og:site_nameGitHub
og:typeobject
hostnamegithub.com
expected-hostnamegithub.com
None1b31c9453e1607b2781513084b4770f67217e549834c85b76960d7b13626f7c8
turbo-cache-controlno-preview
diff-viewunified
go-importgithub.com/modelcontextprotocol/python-sdk git https://github.com/modelcontextprotocol/python-sdk.git
octolytics-dimension-user_id182288589
octolytics-dimension-user_loginmodelcontextprotocol
octolytics-dimension-repository_id862584018
octolytics-dimension-repository_nwomodelcontextprotocol/python-sdk
octolytics-dimension-repository_publictrue
octolytics-dimension-repository_is_forkfalse
octolytics-dimension-repository_network_root_id862584018
octolytics-dimension-repository_network_root_nwomodelcontextprotocol/python-sdk
turbo-body-classeslogged-out env-production page-responsive full-width
disable-turbotrue
browser-stats-urlhttps://api.github.com/_private/browser/stats
browser-errors-urlhttps://api.github.com/_private/browser/errors
release220f27779da5b92b5e17fcaef93e474cc8affba3
ui-targetfull
theme-color#1e2327
color-schemelight dark

Links:

Skip to contenthttps://github.com/modelcontextprotocol/python-sdk/pull/2999/files#start-of-content
https://github.com/
Sign in https://github.com/login?return_to=https%3A%2F%2Fgithub.com%2Fmodelcontextprotocol%2Fpython-sdk%2Fpull%2F2999%2Ffiles
GitHub CopilotWrite better code with AIhttps://github.com/features/copilot
GitHub Copilot appDirect agents from issue to mergehttps://github.com/features/ai/github-app
MCP RegistryNewIntegrate external toolshttps://github.com/mcp
ActionsAutomate any workflowhttps://github.com/features/actions
CodespacesInstant dev environmentshttps://github.com/features/codespaces
IssuesPlan and track workhttps://github.com/features/issues
Code ReviewManage code changeshttps://github.com/features/code-review
GitHub Advanced SecurityFind and fix vulnerabilitieshttps://github.com/security/advanced-security
Code securitySecure your code as you buildhttps://github.com/security/advanced-security/code-security
Secret protectionStop leaks before they starthttps://github.com/security/advanced-security/secret-protection
Why GitHubhttps://github.com/why-github
Documentationhttps://docs.github.com
Bloghttps://github.blog
Changeloghttps://github.blog/changelog
Marketplacehttps://github.com/marketplace
View all featureshttps://github.com/features
Enterpriseshttps://github.com/enterprise
Small and medium teamshttps://github.com/team
Startupshttps://github.com/enterprise/startups
Nonprofitshttps://github.com/solutions/industry/nonprofits
App Modernizationhttps://github.com/solutions/use-case/app-modernization
DevSecOpshttps://github.com/solutions/use-case/devsecops
DevOpshttps://github.com/solutions/use-case/devops
CI/CDhttps://github.com/solutions/use-case/ci-cd
View all use caseshttps://github.com/solutions/use-case
Healthcarehttps://github.com/solutions/industry/healthcare
Financial serviceshttps://github.com/solutions/industry/financial-services
Manufacturinghttps://github.com/solutions/industry/manufacturing
Governmenthttps://github.com/solutions/industry/government
View all industrieshttps://github.com/solutions/industry
View all solutionshttps://github.com/solutions
AIhttps://github.com/resources/articles?topic=ai
Software Developmenthttps://github.com/resources/articles?topic=software-development
DevOpshttps://github.com/resources/articles?topic=devops
Securityhttps://github.com/resources/articles?topic=security
View all topicshttps://github.com/resources/articles
Customer storieshttps://github.com/customer-stories
Events & webinarshttps://github.com/resources/events
Ebooks & reportshttps://github.com/resources/whitepapers
Business insightshttps://github.com/solutions/executive-insights
GitHub Skillshttps://skills.github.com
Documentationhttps://docs.github.com
Customer supporthttps://support.github.com
Community forumhttps://github.com/orgs/community/discussions
Trust centerhttps://github.com/trust-center
Partnershttps://github.com/partners
View all resourceshttps://github.com/resources
GitHub SponsorsFund open source developershttps://github.com/open-source/sponsors
Security Labhttps://securitylab.github.com
Maintainer Communityhttps://maintainers.github.com
Acceleratorhttps://github.com/open-source/accelerator
GitHub Starshttps://stars.github.com
Archive Programhttps://archiveprogram.github.com
Topicshttps://github.com/topics
Trendinghttps://github.com/trending
Collectionshttps://github.com/collections
Enterprise platformAI-powered developer platformhttps://github.com/enterprise
GitHub Advanced SecurityEnterprise-grade security featureshttps://github.com/security/advanced-security
Copilot for BusinessEnterprise-grade AI featureshttps://github.com/features/copilot/copilot-business
Premium SupportEnterprise-grade 24/7 supporthttps://github.com/enterprise/premium-support
Pricinghttps://github.com/pricing
Search syntax tipshttps://docs.github.com/search-github/github-code-search/understanding-github-code-search-syntax
documentationhttps://docs.github.com/search-github/github-code-search/understanding-github-code-search-syntax
Sign in https://github.com/login?return_to=https%3A%2F%2Fgithub.com%2Fmodelcontextprotocol%2Fpython-sdk%2Fpull%2F2999%2Ffiles
Sign up https://github.com/signup?ref_cta=Sign+up&ref_loc=header+logged+out&ref_page=%2F%3Cuser-name%3E%2F%3Crepo-name%3E%2Fpull_requests%2Fshow%2Ffiles&source=header-repo&source_repo=modelcontextprotocol%2Fpython-sdk
Reloadhttps://github.com/modelcontextprotocol/python-sdk/pull/2999/files
Reloadhttps://github.com/modelcontextprotocol/python-sdk/pull/2999/files
Reloadhttps://github.com/modelcontextprotocol/python-sdk/pull/2999/files
Please reload this pagehttps://github.com/modelcontextprotocol/python-sdk/pull/2999/files
modelcontextprotocol https://github.com/modelcontextprotocol
python-sdkhttps://github.com/modelcontextprotocol/python-sdk
Notifications https://github.com/login?return_to=%2Fmodelcontextprotocol%2Fpython-sdk
Fork 3.7k https://github.com/login?return_to=%2Fmodelcontextprotocol%2Fpython-sdk
Star 23.6k https://github.com/login?return_to=%2Fmodelcontextprotocol%2Fpython-sdk
Code https://github.com/modelcontextprotocol/python-sdk
Issues 255 https://github.com/modelcontextprotocol/python-sdk/issues
Pull requests 301 https://github.com/modelcontextprotocol/python-sdk/pulls
Actions https://github.com/modelcontextprotocol/python-sdk/actions
Projects https://github.com/modelcontextprotocol/python-sdk/projects
Models https://github.com/modelcontextprotocol/python-sdk/models
Security and quality 6 https://github.com/modelcontextprotocol/python-sdk/security
Insights https://github.com/modelcontextprotocol/python-sdk/pulse
Code https://github.com/modelcontextprotocol/python-sdk
Issues https://github.com/modelcontextprotocol/python-sdk/issues
Pull requests https://github.com/modelcontextprotocol/python-sdk/pulls
Actions https://github.com/modelcontextprotocol/python-sdk/actions
Projects https://github.com/modelcontextprotocol/python-sdk/projects
Models https://github.com/modelcontextprotocol/python-sdk/models
Security and quality https://github.com/modelcontextprotocol/python-sdk/security
Insights https://github.com/modelcontextprotocol/python-sdk/pulse
Sign up for GitHub https://github.com/signup?return_to=%2Fmodelcontextprotocol%2Fpython-sdk%2Fissues%2Fnew%2Fchoose
terms of servicehttps://docs.github.com/terms
privacy statementhttps://docs.github.com/privacy
Sign inhttps://github.com/login?return_to=%2Fmodelcontextprotocol%2Fpython-sdk%2Fissues%2Fnew%2Fchoose
maxisbeyhttps://github.com/maxisbey
mainhttps://github.com/modelcontextprotocol/python-sdk/tree/main
requirements-divergenceshttps://github.com/modelcontextprotocol/python-sdk/tree/requirements-divergences
Conversation 18 https://github.com/modelcontextprotocol/python-sdk/pull/2999
Commits 14 https://github.com/modelcontextprotocol/python-sdk/pull/2999/commits
Checks 41 https://github.com/modelcontextprotocol/python-sdk/pull/2999/checks
Files changed https://github.com/modelcontextprotocol/python-sdk/pull/2999/files
Please reload this pagehttps://github.com/modelcontextprotocol/python-sdk/pull/2999/files
Work through the spec-conformance gaps recorded by the interaction suite https://github.com/modelcontextprotocol/python-sdk/pull/2999/files#top
Show all changes 14 commits https://github.com/modelcontextprotocol/python-sdk/pull/2999/files
68e4eb2 Tighten requirements-catalog divergence notes to match current SDK be… maxisbey Jun 26, 2026 https://github.com/modelcontextprotocol/python-sdk/pull/2999/commits/68e4eb286c48caf5f0d81cae5bc88a163a51e92a
bad42e2 Emit RFC 6750 scope= in WWW-Authenticate and validate token audience maxisbey Jun 26, 2026 https://github.com/modelcontextprotocol/python-sdk/pull/2999/commits/bad42e284177e920fabb909e469e83cd335dc325
47639a2 Stop replying to cancelled requests; map unhandled handler exceptions… maxisbey Jun 26, 2026 https://github.com/modelcontextprotocol/python-sdk/pull/2999/commits/47639a2b36326afdb62e0863942ef757cdbe3cb8
a173446 Reject bearer tokens that carry no audience claim maxisbey Jun 26, 2026 https://github.com/modelcontextprotocol/python-sdk/pull/2999/commits/a1734460a1711ec98a89be0cf1f2bfa8d1567b2e
884badc Use spec error codes for unhandled elicitation/create and roots/list maxisbey Jun 26, 2026 https://github.com/modelcontextprotocol/python-sdk/pull/2999/commits/884badc944dc4a7387f0fe9b1fe514f22fa33f34
24061fe Reject non-HTTPS, non-loopback redirect URIs at client registration maxisbey Jun 26, 2026 https://github.com/modelcontextprotocol/python-sdk/pull/2999/commits/24061fe98be9984e2ad7266e9d87d0b8a57d261b
3eb352c Align OAuth client with spec on PKCE verification and scope selection maxisbey Jun 26, 2026 https://github.com/modelcontextprotocol/python-sdk/pull/2999/commits/3eb352c8b05e91182533ccf6859c321d1578990f
1e2bd9b Reject a second initialize on an already-initialized session maxisbey Jun 26, 2026 https://github.com/modelcontextprotocol/python-sdk/pull/2999/commits/1e2bd9befcaf57ed177fc4bffa44f5e2634d83dc
8f60ebe Make the prompt test's opaque coverage workaround explicit maxisbey Jun 26, 2026 https://github.com/modelcontextprotocol/python-sdk/pull/2999/commits/8f60ebe5359fd7649f854930145b653daaccf41a
28f500c Add an opt-in strict_capabilities flag to Client and ClientSession maxisbey Jun 26, 2026 https://github.com/modelcontextprotocol/python-sdk/pull/2999/commits/28f500c71ab92fb9b20fd4c2fc9b5ab152de9d1a
eddfa29 Deprecate ServerSession.send_progress_notification maxisbey Jun 26, 2026 https://github.com/modelcontextprotocol/python-sdk/pull/2999/commits/eddfa29d9de745457f9dcd14fe3b3f8e1570de6a
3605ec0 Type the elicitation requested schema on the send side maxisbey Jun 26, 2026 https://github.com/modelcontextprotocol/python-sdk/pull/2999/commits/3605ec09b48f5fe245c911fb8e6f6c911ecb707c
c2b3e8e Record two divergences as intentional, ecosystem-consistent choices maxisbey Jun 26, 2026 https://github.com/modelcontextprotocol/python-sdk/pull/2999/commits/c2b3e8ee170e73a852f6d380d1e1c4a3580f6198
c53aefd Close cancelled HTTP exchanges and harden auth validation maxisbey Jun 28, 2026 https://github.com/modelcontextprotocol/python-sdk/pull/2999/commits/c53aefd2931f85193c18e2487aed5212966ead98
Clear filters https://github.com/modelcontextprotocol/python-sdk/pull/2999/files
Please reload this pagehttps://github.com/modelcontextprotocol/python-sdk/pull/2999/files
Please reload this pagehttps://github.com/modelcontextprotocol/python-sdk/pull/2999/files
authorization.md https://github.com/modelcontextprotocol/python-sdk/pull/2999/files#diff-39f393e17fe7273f7c3f273ef236a44402c20cedd48982c799ecdd053b221c24
deprecated.md https://github.com/modelcontextprotocol/python-sdk/pull/2999/files#diff-56dc01bf14dae3ca51d74cabaae2ebf3073f53c670b0f3ed1c062fce3eb76e33
oauth-clients.md https://github.com/modelcontextprotocol/python-sdk/pull/2999/files#diff-c1ca6b2d50dd17d7fda9ac37a24156bef9f441622a649c174cfb0f856ea614ee
callbacks.md https://github.com/modelcontextprotocol/python-sdk/pull/2999/files#diff-138dbe4e53dce3865b95fe85d681a60ced1156ab96a13ffa53b9f36e71b30449
index.md https://github.com/modelcontextprotocol/python-sdk/pull/2999/files#diff-6db44fd0d4045289d873ac7b19b6478a375bb2131e7057a020076bcbd3d3cc1b
migration.md https://github.com/modelcontextprotocol/python-sdk/pull/2999/files#diff-758ba107a728fccfdf0d098b2c06ded59127dd53ea287d630f72fb51040bc72d
tutorial001.py https://github.com/modelcontextprotocol/python-sdk/pull/2999/files#diff-f3c8db22d21cdbe2e91efb2ab32e6845db86af22c757f1f65263079273463a85
tutorial002.py https://github.com/modelcontextprotocol/python-sdk/pull/2999/files#diff-91d0e7206c6e5d8ed295140071047fcd5e385482ca59057f8d7e2c885be698ad
main.py https://github.com/modelcontextprotocol/python-sdk/pull/2999/files#diff-967e8584a0021a6f5b81aa9ef3f1e549efd761fe3fb4733e5212ce027e0bcfce
server.py https://github.com/modelcontextprotocol/python-sdk/pull/2999/files#diff-c388a5df49687a92e157c2bf1ffc603dd3b4b8f0c38cb80e0707ae72ddedffe4
README.md https://github.com/modelcontextprotocol/python-sdk/pull/2999/files#diff-4e39b1f5288e6235627a4646e0b35d4d55dfc63c2987355a414ab8c416c52a99
server_lowlevel.py https://github.com/modelcontextprotocol/python-sdk/pull/2999/files#diff-047b005b17f5c3be944140287559161d9d6c6636d6b2a425f0f3d4833aa334d4
server.py https://github.com/modelcontextprotocol/python-sdk/pull/2999/files#diff-abb5f95dda1a20a1101c09ec9713e44cc560f760dc83e68fe7c05f225d757ab8
server_lowlevel.py https://github.com/modelcontextprotocol/python-sdk/pull/2999/files#diff-205ea99cad38bed95d2a84b72911cb877b6108d039e6d5ab3dfd1f92e0664767
server.py https://github.com/modelcontextprotocol/python-sdk/pull/2999/files#diff-094bc81d3930cc9ba26fa7efb8702c043c1e2abd4f2788b50b9f1d2cd07a25a8
server_lowlevel.py https://github.com/modelcontextprotocol/python-sdk/pull/2999/files#diff-5c648da61339fd84fa0bc4a09bfc66ebf96afce276f5699d832abc81bd04d63c
server_lowlevel.py https://github.com/modelcontextprotocol/python-sdk/pull/2999/files#diff-93b2a9b8021a076c4c472b3658cb6a298ffd71a28f1c7c45eb3c740a262ae587
README.md https://github.com/modelcontextprotocol/python-sdk/pull/2999/files#diff-d456418e603ea851518990bbc030ce5be6250b0962c21ff4997690af6724effb
gen_surface_types.py https://github.com/modelcontextprotocol/python-sdk/pull/2999/files#diff-cd04c09bf6e8b3d3b71bc3b1a378c9bccf96bc2ad0989e54229eaaebe0d3115c
__init__.py https://github.com/modelcontextprotocol/python-sdk/pull/2999/files#diff-2bdd6166b4bd777f94504605636ea78e8873063e4bdd5d62010792a9b3e5eabd
_types.py https://github.com/modelcontextprotocol/python-sdk/pull/2999/files#diff-bd19c5ddeaca61e4fcc9ce321fbe2b44ee9a9c7e1ac6bcd4a4b2c03f8925564a
methods.py https://github.com/modelcontextprotocol/python-sdk/pull/2999/files#diff-9615d89fea618e65e534293f2091991212496a72b86b8fb9bb470cea615cc47c
__main__.py https://github.com/modelcontextprotocol/python-sdk/pull/2999/files#diff-acedd8b44e9fb1a288cc95191fc773e99af0b75edaa11c78295dad3147cb7eea
_transport.py https://github.com/modelcontextprotocol/python-sdk/pull/2999/files#diff-b8058afecd14e079d4edd2712bcc367970848ef2ee3bfd7cbef14909f9664ded
oauth2.py https://github.com/modelcontextprotocol/python-sdk/pull/2999/files#diff-b7aaf2062da175cea9a532176d6eb78b659eaadb757cc48929f0bafccfdb8d98
utils.py https://github.com/modelcontextprotocol/python-sdk/pull/2999/files#diff-1aed3def34492fb7eafa6e7aee6e9cc9973171b28c9574dc5c5b288a09878996
client.py https://github.com/modelcontextprotocol/python-sdk/pull/2999/files#diff-34e945ebc2fea8a427b8d0c45ccd28eb4e4cceb33c82048bd7998e6bb2f754f3
session.py https://github.com/modelcontextprotocol/python-sdk/pull/2999/files#diff-634d1abcb8bda1a784f31e3431a10124e387f487dd243a54244515b4972aa0ee
sse.py https://github.com/modelcontextprotocol/python-sdk/pull/2999/files#diff-41ed2e8548ae223801c0a37a6b50ce913e24f0e660bbbc2ddd91686820c86336
stdio.py https://github.com/modelcontextprotocol/python-sdk/pull/2999/files#diff-a906fce75e115cde24e79b8cdac6442af7845748f57ec0e997ff81f089408186
streamable_http.py https://github.com/modelcontextprotocol/python-sdk/pull/2999/files#diff-e8c18a3067a9b157c5c39a947f53d395afeb00e7026dad2d5a279011da943b5e
_streamable_http_modern.py https://github.com/modelcontextprotocol/python-sdk/pull/2999/files#diff-c5e06136c127a1503b8eab18375355c38ceb7e71b5a1c04b36ebf2fbc3d9067d
register.py https://github.com/modelcontextprotocol/python-sdk/pull/2999/files#diff-6643f748c6f203d6b3c55593361c894373aa78f360ebaa4f3b60b445efccc5af
token.py https://github.com/modelcontextprotocol/python-sdk/pull/2999/files#diff-0bfdf5a468abdd078a0287db095a4ad5ebfcb04ea3e437026cdc8038c137ecab
bearer_auth.py https://github.com/modelcontextprotocol/python-sdk/pull/2999/files#diff-0b11aaab79fc19c511b87711ce27207efba24fbd0226bea59af663715ba0f0ec
provider.py https://github.com/modelcontextprotocol/python-sdk/pull/2999/files#diff-f7e852ad288ea2750460eb8e8ef0d6152216cd97ae505acd5f06146cf866abec
routes.py https://github.com/modelcontextprotocol/python-sdk/pull/2999/files#diff-6dfb076f1d9772b9a78be06b88bbbae0f92a0108284fcf247f342cd1a88433f2
settings.py https://github.com/modelcontextprotocol/python-sdk/pull/2999/files#diff-ed6123a6a50ac222dad0c2887aa3186d37bbc67f7a2105d4a06320638a75fd25
elicitation.py https://github.com/modelcontextprotocol/python-sdk/pull/2999/files#diff-c4db625b035748b41b473c918e7d296aa97e84921be651e4a165beaf95b83b29
server.py https://github.com/modelcontextprotocol/python-sdk/pull/2999/files#diff-b21bf5e21c058ccfddb404c209f2d4288e4f32b121111ffc9d466638631d13e4
server.py https://github.com/modelcontextprotocol/python-sdk/pull/2999/files#diff-51d6996c0b80b8a5c42e7071451cb9ed3c91b398facebe99b94aad911059190e
runner.py https://github.com/modelcontextprotocol/python-sdk/pull/2999/files#diff-7a9c3e13faa5730f5a8a60062e9d200513c0baeada63e3cc24b37fe68e086e90
session.py https://github.com/modelcontextprotocol/python-sdk/pull/2999/files#diff-9a603a2587011a188aa76ca19a32fcd343a253516325fbcfb4f7bfb6a814634c
sse.py https://github.com/modelcontextprotocol/python-sdk/pull/2999/files#diff-db3d89720f05f9c8a375c9ce008a6b477be25dccabca86a7d422814c5ab3f12c
stdio.py https://github.com/modelcontextprotocol/python-sdk/pull/2999/files#diff-19a44750677a645222700b9984d14682f626518ae045cf909c4daf665cb3264e
streamable_http.py https://github.com/modelcontextprotocol/python-sdk/pull/2999/files#diff-0119e4c1bbf2fde7ba89b9c9f5bc472ccc2332f84e96e47cf9e45cebef801da3
auth_utils.py https://github.com/modelcontextprotocol/python-sdk/pull/2999/files#diff-fbdc8420ca151dd080002401442d8da9bee4df97f55498baf05f570990c97405
direct_dispatcher.py https://github.com/modelcontextprotocol/python-sdk/pull/2999/files#diff-6566b073a8d9286a5b17e0bb02d6e12e822eaedf2236c0d637dcd57992268076
jsonrpc_dispatcher.py https://github.com/modelcontextprotocol/python-sdk/pull/2999/files#diff-3d8fb73fa8b126691302c15bb63bbc44a3a0e9338a17f14b3b4ea1d97bb10c2c
memory.py https://github.com/modelcontextprotocol/python-sdk/pull/2999/files#diff-fda62e83f7fbe11b6291a8eb980526a6465853fcc15dba2269425cd3de0801dc
message.py https://github.com/modelcontextprotocol/python-sdk/pull/2999/files#diff-e87607af2a5ca4eeaf91e471c711340e954899e1504ebb1fcc981afe4639bc70
peer.py https://github.com/modelcontextprotocol/python-sdk/pull/2999/files#diff-7516fc8e5003b3509266f53789ae4f7873bf19b8ecda78e5ce81ecac9401bf74
test_auth.py https://github.com/modelcontextprotocol/python-sdk/pull/2999/files#diff-f083d075f463e8b1ecfa6b931c33288c3d09b00ee3af3e5f74df16b7e75c3ab1
test_client.py https://github.com/modelcontextprotocol/python-sdk/pull/2999/files#diff-f91d7d1bfecb41d80a4cc73133b82560b7284a2af2d6630c49b983ca9366ea13
test_list_roots_callback.py https://github.com/modelcontextprotocol/python-sdk/pull/2999/files#diff-90b39d804728390ef9eab471f7f9877b35f83c44d63b99a1ea9653f6d5e11ee9
test_notification_response.py https://github.com/modelcontextprotocol/python-sdk/pull/2999/files#diff-8c7bb1142c1c9cb43b4d2e7bf265054daca89ba175deec8b690f00464c00c182
test_session.py https://github.com/modelcontextprotocol/python-sdk/pull/2999/files#diff-623490a9c2dd576cc59e89f8d51f64acfffdeaad940e0bd4a0a51a50bc30d92d
test_stdio.py https://github.com/modelcontextprotocol/python-sdk/pull/2999/files#diff-49f66b09e4d89b29b440c955c429fe948dbcc3bbb08fffb504cf40be24382352
test_authorization.py https://github.com/modelcontextprotocol/python-sdk/pull/2999/files#diff-3544daae19d2cf5f421d66ae2e297daa4df4b73b082ccefd1d77d8a10bc5f2e8
test_client_callbacks.py https://github.com/modelcontextprotocol/python-sdk/pull/2999/files#diff-aaae64f5b848d57f9d8fcad9ed933c3a2d7c17137438bf8b82a8188bcfe04619
test_deprecated.py https://github.com/modelcontextprotocol/python-sdk/pull/2999/files#diff-c21bb32f6f8b5edaa8b2323d5b35543fec6d3cc5f7b5241089682538be6221bb
test_mrtr.py https://github.com/modelcontextprotocol/python-sdk/pull/2999/files#diff-b01d5962d34f3e53541e38bde069e9ada14fe1458db3fd68c9b2773fea0ade03
_helpers.py https://github.com/modelcontextprotocol/python-sdk/pull/2999/files#diff-c8a8ff425b6a85c43aec1841627f4dfe5fbd10e11ae63c63443e999a000a0ca2
_requirements.py https://github.com/modelcontextprotocol/python-sdk/pull/2999/files#diff-c12ce54cbf13a11daa3f93343e5df8c89ca2b25d0f20f00b5408a2402a223228
_harness.py https://github.com/modelcontextprotocol/python-sdk/pull/2999/files#diff-4ac9813efeab1673bfd09096e1374c2d00a185f7948b812eefeb565db6c23247
_provider.py https://github.com/modelcontextprotocol/python-sdk/pull/2999/files#diff-035114ed068ee8041a853e4fdb196c4093d0f72f9aa188b86f619673b08c099d
test_as_handlers.py https://github.com/modelcontextprotocol/python-sdk/pull/2999/files#diff-276fddce310f4eebd30cd9e80e00a793954284aa79132c556f1f4992c14fb85a
test_authorize_token.py https://github.com/modelcontextprotocol/python-sdk/pull/2999/files#diff-e2f26e5f968d65f2a18a0a2f1b07786581e66b85ba40b1e0626ac19ee4cf6dd4
test_bearer.py https://github.com/modelcontextprotocol/python-sdk/pull/2999/files#diff-39fa737f86bf4beb1870f6befa727071547fb7bd57257244223688eb618bd79f
test_discovery.py https://github.com/modelcontextprotocol/python-sdk/pull/2999/files#diff-469d07df0d8e675ae3e626c2293e9fdc39917db8ca8e1f04ca02c17339c6e6f6
test_cancellation.py https://github.com/modelcontextprotocol/python-sdk/pull/2999/files#diff-bbb272049658e36f86bd66e16deef2e8ac8f7f90bb4bd89aa0f025bf1db48fee
test_client_connect.py https://github.com/modelcontextprotocol/python-sdk/pull/2999/files#diff-3a887d54ca83d9ef12ffdb0b58a494e9a7c44167381cb3efb59c3176ea663e42
test_elicitation.py https://github.com/modelcontextprotocol/python-sdk/pull/2999/files#diff-5585defd557eb80768153a7b77139020888710d033099a70f574721eea73cb53
test_flows.py https://github.com/modelcontextprotocol/python-sdk/pull/2999/files#diff-c8703562e141bdb981bfa8f5a0e3dd92a9a881b7f60d5bde5c269e53e5f74331
test_progress.py https://github.com/modelcontextprotocol/python-sdk/pull/2999/files#diff-adbb27a971d4f833b1e7bcadb8054ba7fda245e02e6e49b0aacbeaec620e205a
test_resources.py https://github.com/modelcontextprotocol/python-sdk/pull/2999/files#diff-b72ae88a1de4fa5bbd3e571601e51bc56f008819d8a9438ad9c4fc7abae56ecd
test_roots.py https://github.com/modelcontextprotocol/python-sdk/pull/2999/files#diff-4144b5ee9d2cd8d3ce9ca82fabcf7788b5c2bed02b835807f861f88a833abd9f
test_tools.py https://github.com/modelcontextprotocol/python-sdk/pull/2999/files#diff-c825e7b9ec5b747a4818b1917da57cc2145f982ac24237ed26449b9fff54ecfc
test_prompts.py https://github.com/modelcontextprotocol/python-sdk/pull/2999/files#diff-9f0279943407f29b6afd521af337610582342d94bb2414550df04a7dd71aa259
test_hosting_http.py https://github.com/modelcontextprotocol/python-sdk/pull/2999/files#diff-25c736951e89c76e3f06e5f6b36924f2fecb911b5bd98e4c74bf8249e8480fac
test_hosting_http_modern.py https://github.com/modelcontextprotocol/python-sdk/pull/2999/files#diff-122f8dfa74b6aa90e3cea5c8da3a5bf7829d8ea82e66caf2ab88c0e107858914
test_hosting_session.py https://github.com/modelcontextprotocol/python-sdk/pull/2999/files#diff-23fb947502e0b134e093023f213e2e4e1a427996777d05da35dfe39499ad0741
test_streamable_http.py https://github.com/modelcontextprotocol/python-sdk/pull/2999/files#diff-e1892a1b798bbf5427ad12171841966db1086dcbbbd3f6c12b4bcd76405530c7
test_192_request_id.py https://github.com/modelcontextprotocol/python-sdk/pull/2999/files#diff-544adf255ae3b6d59c63912723666f0e5cd700e1c1a1cc5009a74133332cd83e
test_88_random_error.py https://github.com/modelcontextprotocol/python-sdk/pull/2999/files#diff-4e8132257776907428bdfd1d3671faed7b41a6347402e65f630f3a27a290edf5
test_bearer_auth.py https://github.com/modelcontextprotocol/python-sdk/pull/2999/files#diff-e9da357dd9e1fbd6287ffd8766f14cfb02020d11144474be22c36805c6fa6382
test_auth_integration.py https://github.com/modelcontextprotocol/python-sdk/pull/2999/files#diff-5a81a6a5148119d275223ade78614223f48f68203d1ef375fb1b271621d5894c
test_server.py https://github.com/modelcontextprotocol/python-sdk/pull/2999/files#diff-c191383f010475fc22bf69d35f14f16d7e45098b05a1a0f03ad66d6c151d1f34
test_url_elicitation.py https://github.com/modelcontextprotocol/python-sdk/pull/2999/files#diff-c35abe7dd7e0015dc6b664d3c8c70f67445f06594578915db32ab0d594df50cb
test_cancel_handling.py https://github.com/modelcontextprotocol/python-sdk/pull/2999/files#diff-c1f187f0c3cd17c4a86593f3fd13298817256f3be47c48065168959055ad0753
test_completion_with_context.py https://github.com/modelcontextprotocol/python-sdk/pull/2999/files#diff-7b9f06a84b3dc75676e1efff318066a211e3e0210ba14abd37626d431c400d43
test_lifespan.py https://github.com/modelcontextprotocol/python-sdk/pull/2999/files#diff-1698ae8330ce4b282795333fd5e113b02a2a9923d4d9af2c58c8ea582dffe7c2
test_lowlevel_exception_handling.py https://github.com/modelcontextprotocol/python-sdk/pull/2999/files#diff-48c9f55d2b53bd2fbac81a8eb6ac25b0137eca64b92a195ed177851580687917
test_runner.py https://github.com/modelcontextprotocol/python-sdk/pull/2999/files#diff-51ad0fc280fc0fb1ed6039b7c5a26a6fafba8d8ffc8533cfa89cb9df18ea3f10
test_server_context.py https://github.com/modelcontextprotocol/python-sdk/pull/2999/files#diff-4903326ba7c3c7efdab16734810bfeae0b485942b7155c82e6ca8df7a8d5d11a
test_session.py https://github.com/modelcontextprotocol/python-sdk/pull/2999/files#diff-ed22c8fef52dc8c1d840dc0825bc375c48b67dcc2b468bab084aded3af06fdcf
test_stateless_mode.py https://github.com/modelcontextprotocol/python-sdk/pull/2999/files#diff-9a5f67580e8993a1074a9b3a4ce460932af7f64bfac3c0ed94b56c842ef99101
conftest.py https://github.com/modelcontextprotocol/python-sdk/pull/2999/files#diff-15491fe777db50025c3dc04b6c61bc3e54d37c41d24c9f557b35e5b67c0a1769
test_auth_utils.py https://github.com/modelcontextprotocol/python-sdk/pull/2999/files#diff-756dfba56088748e16f4d23c41a507fbd7abdbfb164a99a747015d4f9a25bfc5
test_context.py https://github.com/modelcontextprotocol/python-sdk/pull/2999/files#diff-f7251b2a89950623fbfe8054f38f100bda8ccbc98a7ae85283a78c1cd6e3ba93
test_dispatcher.py https://github.com/modelcontextprotocol/python-sdk/pull/2999/files#diff-490cfcfdfdaf03f631a5cc632ec5a47dee6aa063d13518834a7a1f1bb8493f3f
test_jsonrpc_dispatcher.py https://github.com/modelcontextprotocol/python-sdk/pull/2999/files#diff-ce6a750fbce4c4bfa60b1845cdd92c08be0c2ed1fdcecdcb2a2efa24170efabd
test_message.py https://github.com/modelcontextprotocol/python-sdk/pull/2999/files#diff-08d3c9edc907f5290595c7179995cef622ea094c89b6ab0548344c37bc914b37
test_peer.py https://github.com/modelcontextprotocol/python-sdk/pull/2999/files#diff-4a0f459cebe082a1548305dfc7e0392930c36ef29665ca62e9ba87051931d22b
test_streamable_http.py https://github.com/modelcontextprotocol/python-sdk/pull/2999/files#diff-57d1f3c64af36960aa61b1d77387fb6201b90fbc2f3d606bf2761315ce618cc5
test_methods.py https://github.com/modelcontextprotocol/python-sdk/pull/2999/files#diff-784326fe173098cf01a6bf0e23d0d873d706a3e7183ca4cc7044bf7d1f25fc2d
test_parity.py https://github.com/modelcontextprotocol/python-sdk/pull/2999/files#diff-7ef69241093b7c6cbbdd5143f8ec60b0bf319c83970bf81f3d99c1ee37b6cff9
docs/advanced/authorization.mdhttps://github.com/modelcontextprotocol/python-sdk/pull/2999/files#diff-39f393e17fe7273f7c3f273ef236a44402c20cedd48982c799ecdd053b221c24
View file https://github.com/modelcontextprotocol/python-sdk/blob/c53aefd2931f85193c18e2487aed5212966ead98/docs/advanced/authorization.md
Open in desktop https://desktop.github.com
https://github.co/hiddenchars
https://github.com/modelcontextprotocol/python-sdk/pull/2999/{{ revealButtonHref }}
https://github.com/modelcontextprotocol/python-sdk/pull/2999/files#diff-39f393e17fe7273f7c3f273ef236a44402c20cedd48982c799ecdd053b221c24
https://github.com/modelcontextprotocol/python-sdk/pull/2999/files#diff-39f393e17fe7273f7c3f273ef236a44402c20cedd48982c799ecdd053b221c24
https://github.com/modelcontextprotocol/python-sdk/pull/2999/files#diff-39f393e17fe7273f7c3f273ef236a44402c20cedd48982c799ecdd053b221c24
https://github.com/modelcontextprotocol/python-sdk/pull/2999/files#diff-39f393e17fe7273f7c3f273ef236a44402c20cedd48982c799ecdd053b221c24
https://github.com/modelcontextprotocol/python-sdk/pull/2999/files#diff-39f393e17fe7273f7c3f273ef236a44402c20cedd48982c799ecdd053b221c24
https://github.com/modelcontextprotocol/python-sdk/pull/2999/files#diff-39f393e17fe7273f7c3f273ef236a44402c20cedd48982c799ecdd053b221c24
docs/advanced/deprecated.mdhttps://github.com/modelcontextprotocol/python-sdk/pull/2999/files#diff-56dc01bf14dae3ca51d74cabaae2ebf3073f53c670b0f3ed1c062fce3eb76e33
View file https://github.com/modelcontextprotocol/python-sdk/blob/c53aefd2931f85193c18e2487aed5212966ead98/docs/advanced/deprecated.md
Open in desktop https://desktop.github.com
https://github.co/hiddenchars
https://github.com/modelcontextprotocol/python-sdk/pull/2999/{{ revealButtonHref }}
https://github.com/modelcontextprotocol/python-sdk/pull/2999/files#diff-56dc01bf14dae3ca51d74cabaae2ebf3073f53c670b0f3ed1c062fce3eb76e33
https://github.com/modelcontextprotocol/python-sdk/pull/2999/files#diff-56dc01bf14dae3ca51d74cabaae2ebf3073f53c670b0f3ed1c062fce3eb76e33
docs/advanced/oauth-clients.mdhttps://github.com/modelcontextprotocol/python-sdk/pull/2999/files#diff-c1ca6b2d50dd17d7fda9ac37a24156bef9f441622a649c174cfb0f856ea614ee
View file https://github.com/modelcontextprotocol/python-sdk/blob/c53aefd2931f85193c18e2487aed5212966ead98/docs/advanced/oauth-clients.md
Open in desktop https://desktop.github.com
https://github.co/hiddenchars
https://github.com/modelcontextprotocol/python-sdk/pull/2999/{{ revealButtonHref }}
https://github.com/modelcontextprotocol/python-sdk/pull/2999/files#diff-c1ca6b2d50dd17d7fda9ac37a24156bef9f441622a649c174cfb0f856ea614ee
https://github.com/modelcontextprotocol/python-sdk/pull/2999/files#diff-c1ca6b2d50dd17d7fda9ac37a24156bef9f441622a649c174cfb0f856ea614ee
docs/client/callbacks.mdhttps://github.com/modelcontextprotocol/python-sdk/pull/2999/files#diff-138dbe4e53dce3865b95fe85d681a60ced1156ab96a13ffa53b9f36e71b30449
View file https://github.com/modelcontextprotocol/python-sdk/blob/c53aefd2931f85193c18e2487aed5212966ead98/docs/client/callbacks.md
Open in desktop https://desktop.github.com
https://github.co/hiddenchars
https://github.com/modelcontextprotocol/python-sdk/pull/2999/{{ revealButtonHref }}
https://github.com/modelcontextprotocol/python-sdk/pull/2999/files#diff-138dbe4e53dce3865b95fe85d681a60ced1156ab96a13ffa53b9f36e71b30449
https://github.com/modelcontextprotocol/python-sdk/pull/2999/files#diff-138dbe4e53dce3865b95fe85d681a60ced1156ab96a13ffa53b9f36e71b30449
docs/client/index.mdhttps://github.com/modelcontextprotocol/python-sdk/pull/2999/files#diff-6db44fd0d4045289d873ac7b19b6478a375bb2131e7057a020076bcbd3d3cc1b
View file https://github.com/modelcontextprotocol/python-sdk/blob/c53aefd2931f85193c18e2487aed5212966ead98/docs/client/index.md
Open in desktop https://desktop.github.com
https://github.co/hiddenchars
https://github.com/modelcontextprotocol/python-sdk/pull/2999/{{ revealButtonHref }}
https://github.com/modelcontextprotocol/python-sdk/pull/2999/files#diff-6db44fd0d4045289d873ac7b19b6478a375bb2131e7057a020076bcbd3d3cc1b
https://github.com/modelcontextprotocol/python-sdk/pull/2999/files#diff-6db44fd0d4045289d873ac7b19b6478a375bb2131e7057a020076bcbd3d3cc1b
https://github.com/modelcontextprotocol/python-sdk/pull/2999/files#diff-6db44fd0d4045289d873ac7b19b6478a375bb2131e7057a020076bcbd3d3cc1b
https://github.com/modelcontextprotocol/python-sdk/pull/2999/files#diff-6db44fd0d4045289d873ac7b19b6478a375bb2131e7057a020076bcbd3d3cc1b
Please reload this pagehttps://github.com/modelcontextprotocol/python-sdk/pull/2999/files
Please reload this pagehttps://github.com/modelcontextprotocol/python-sdk/pull/2999/files
https://github.com
Termshttps://docs.github.com/site-policy/github-terms/github-terms-of-service
Privacyhttps://docs.github.com/site-policy/privacy-policies/github-privacy-statement
Securityhttps://github.com/security
Statushttps://www.githubstatus.com/
Communityhttps://github.community/
Docshttps://docs.github.com/
Contacthttps://support.github.com?tags=dotcom-footer

Viewport: width=device-width


URLs of crawlers that visited me.