python-sdk icon indicating copy to clipboard operation
python-sdk copied to clipboard
verified publisher icon modelcontextprotocol

Client Registration Fails with 502 Error When Connecting to Auth Server

Open Wuhall opened this issue 8 months ago • 0 comments

Description:
When running the MCP auth client against a locally started auth server, the client fails during registration with a 502 error, despite the server appearing to start successfully.

Steps to Reproduce:
Start the auth server:

cd path/to/mcp-simple-auth
uv run mcp-simple-auth --transport streamable-http --port 3001

Server starts successfully (see logs below).
Start the auth client:

 MCP_SERVER_PORT=3001 uv run mcp-simple-auth-client

Client fails with Registration failed: 502 (full traceback below).

Expected Behavior:
Client should successfully register with the auth server and establish a connection.

OAuth flow should complete without HTTP errors.

Actual Behavior:
Client fails during registration with:

httpx.HTTPStatusError: Registration failed: 502

Full error traceback indicates the failure occurs in mcp/client/auth.py during OAuth client registration.

Server Logs:

INFO: Uvicorn running on http://localhost:3001 INFO: 127.0.0.1:64473 - "GET /.well-known/oauth-authorization-server HTTP/1.1" 200 OK

(No errors reported on the server side.)

Client Logs:

🖥️ Started callback server on http://localhost:3000 📡 Opening StreamableHTTP transport connection... ⚡ Starting session initialization... ❌ Failed to connect: unhandled errors in a TaskGroup (1 sub-exception) httpx.HTTPStatusError: Registration failed: 502

Environment:
OS: macOS

Tools:

uv (installed via conda, version 0.7.8)

Python 3.12 (conda environment)

Relevant Packages:

mcp-simple-auth and mcp-simple-auth-client (local paths)

Additional Context:
The 502 error suggests the auth server’s registration endpoint (/.well-known/oauth-authorization-server) is reachable (returns 200), but the subsequent client registration request fails.

No visible errors in the server logs despite the client-side 502.

The issue persists across fresh terminal sessions after verifying uv is correctly in PATH.

Possible Causes:
Server-Side Validation Failure: The auth server might reject the client’s registration request silently.

Mismatched Transport Configuration: streamable-http transport might require additional setup.

OAuth Endpoint Misconfiguration: The registration endpoint might not handle the client’s payload correctly.

Requested Help:
Guidance on debugging the auth server’s registration logic.

Verification steps to isolate whether the issue is client-side or server-side.

Logging suggestions to capture why the server returns 502.

Wuhall avatar May 30 '25 08:05 Wuhall