URL Validation on Client Metadata is too strict
Initial Checks
- [x] I confirm that I'm using the latest version of MCP Python SDK
- [x] I confirm that I searched for my issue in https://github.com/modelcontextprotocol/python-sdk/issues before opening this issue
Description
Pydantic AnyHttpUrl is too strict for client metadata validation. https://datatracker.ietf.org/doc/html/rfc7591#section-2 specifies that all fields are optional. Empty strings are commonly emitted when there's no value.
In addition fields like client_uri are informational and I'm not sure they should even be validated as http. Any URL should technically be supported including non-http URLs. In general, I think the SDK should only apply strict pydantic validation where it affects the security or functioning of the client.
1 validation error for OAuthClientInformationFull client_uri Input should be a valid URL, input is empty [type=url_parsing, input_value='', input_type=str] For further information visit https://errors.pydantic.dev/2.11/v/url_parsing
Example Code
Python & MCP Python SDK
1.21.1
See proposed solution in https://github.com/modelcontextprotocol/python-sdk/issues/1574#issuecomment-3577691058