Third-party MCP server shows "Connected" in the app but its tools are missing from CLI sessions
After signing in to a third-party OAuth MCP server (Atlassian, https://mcp.atlassian.com/v1/mcp) through the app, it shows a green "Connected" badge, but none of its tools are available to the agent in the sessions the app spawns. The first-party GitHub MCP server works fine. Restarting the app, re-enabling the server, re-signing in, and updating the app don't help.
Steps to reproduce
- In the Copilot app, add the Atlassian MCP server (
https://mcp.atlassian.com/v1/mcp) and complete OAuth sign-in — it shows a green "Connected" badge.
- Open any session and ask the agent to list its tools, or to use a Jira/Confluence tool.
- No
atlassian-* tools are available to the agent.
- The session log (
~/.copilot/logs/process-*.log) shows: Server atlassian requires authentication, initiating OAuth flow then OAuth required for atlassian with no cached tokens; marking as needs-auth.
Expected behavior
Once the app shows a third-party MCP server as "Connected," its tools should be available to the agent in spawned sessions, just like the first-party GitHub server.
Root cause / context
- The green badge reflects the app's own daemon MCP connection, authenticated with tokens in Windows Credential Manager (service
copilot-mcp-oauth). Each spawned session is a separate MCP client using host-delegated OAuth: for first-party GitHub the app returns a token, but for third-party servers it cancels the host-token hand-back and only reconnects its own daemon so the badge goes green. The session token store is ephemeral, so it can't fall back to the cached tokens on disk. Net: sessions never get third-party credentials and mark the server needs-auth.
- Evidence the tokens are valid: injecting the app's token as a static
Authorization: Bearer header on the atlassian entry in ~/.copilot/mcp-config.json makes sessions connect and load all 31 tools. That static header isn't a real fix — the access token expires in a few hours and rotates.
- Suggested fix: bridge third-party MCP OAuth tokens to spawned sessions the same way the first-party GitHub token is handed off (or let sessions read the persistent
copilot-mcp-oauth store).
Environment
Windows 11 Pro (10.0.26200), x86_64; app 1.0.20; bundled CLI 1.0.70.
| Field |
Value |
| App version |
1.0.20 |
| OS |
Windows 10.0.26200 |
| Theme |
GitHub |
| Path |
/chat |
| Tenure |
Week 4 |
Third-party MCP server shows "Connected" in the app but its tools are missing from CLI sessions
After signing in to a third-party OAuth MCP server (Atlassian,
https://mcp.atlassian.com/v1/mcp) through the app, it shows a green "Connected" badge, but none of its tools are available to the agent in the sessions the app spawns. The first-party GitHub MCP server works fine. Restarting the app, re-enabling the server, re-signing in, and updating the app don't help.Steps to reproduce
https://mcp.atlassian.com/v1/mcp) and complete OAuth sign-in — it shows a green "Connected" badge.atlassian-*tools are available to the agent.~/.copilot/logs/process-*.log) shows:Server atlassian requires authentication, initiating OAuth flowthenOAuth required for atlassian with no cached tokens; marking as needs-auth.Expected behavior
Once the app shows a third-party MCP server as "Connected," its tools should be available to the agent in spawned sessions, just like the first-party GitHub server.
Root cause / context
copilot-mcp-oauth). Each spawned session is a separate MCP client using host-delegated OAuth: for first-party GitHub the app returns a token, but for third-party servers it cancels the host-token hand-back and only reconnects its own daemon so the badge goes green. The session token store is ephemeral, so it can't fall back to the cached tokens on disk. Net: sessions never get third-party credentials and mark the server needs-auth.Authorization: Bearerheader on the atlassian entry in~/.copilot/mcp-config.jsonmakes sessions connect and load all 31 tools. That static header isn't a real fix — the access token expires in a few hours and rotates.copilot-mcp-oauthstore).Environment
Windows 11 Pro (10.0.26200), x86_64; app 1.0.20; bundled CLI 1.0.70.