You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Wire up the MCP endpoint to inject custom audit headers when calling existing routes via app.inject(), so the audit system can distinguish MCP actions from regular API calls.
Why
The previous task (#7562) added the infrastructure: a source column, request context propagation, and audit logger updates. This task connects the MCP endpoint to that infrastructure by adding the right headers to every app.inject() call.
The first-party expert agent also needs to inject these headers when it uses the MCP path. Distinguishing mcp from mcp:expert lets administrators see which actions came from their own agent vs external agents, which is important for trust and debugging.
What to do
In the MCP endpoint's shared inject() helper (_helpers.js from MCP Platform Tool Definitions #7430), add X-FF-Audit-Source and X-FF-Audit-Token headers to every app.inject() call
Source value: mcp for 3rd party agents, mcp:expert for the first-party expert agent. The MCP endpoint knows which it is based on the authentication context.
Token value: the PAT identifier from request.session.pat.id
For Phase 2 MQTT-bridged tools: the same headers should be injected if/when the bridge makes any app.inject() calls internally. For tools that only go through MQTT (no inject), the audit entry is created at the MCP HTTP layer before bridging.
Tests
Platform tool call via 3rd party MCP: audit entry has source: 'mcp'
Platform tool call via first-party expert: audit entry has source: 'mcp:expert'
Summary
Wire up the MCP endpoint to inject custom audit headers when calling existing routes via
app.inject(), so the audit system can distinguish MCP actions from regular API calls.Why
The previous task (#7562) added the infrastructure: a source column, request context propagation, and audit logger updates. This task connects the MCP endpoint to that infrastructure by adding the right headers to every
app.inject()call.The first-party expert agent also needs to inject these headers when it uses the MCP path. Distinguishing
mcpfrommcp:expertlets administrators see which actions came from their own agent vs external agents, which is important for trust and debugging.What to do
inject()helper (_helpers.jsfrom MCP Platform Tool Definitions #7430), addX-FF-Audit-SourceandX-FF-Audit-Tokenheaders to everyapp.inject()callmcpfor 3rd party agents,mcp:expertfor the first-party expert agent. The MCP endpoint knows which it is based on the authentication context.request.session.pat.idapp.inject()calls internally. For tools that only go through MQTT (no inject), the audit entry is created at the MCP HTTP layer before bridging.Tests
source: 'mcp'source: 'mcp:expert'References
_helpers.js)