chainlit icon indicating copy to clipboard operation
chainlit copied to clipboard

Published 20 hours ago verified publisher icon Chainlit

Feature Request: Allow for defining MCP server connections

Open m-roberts opened this issue 7 months ago • 9 comments
trafficstars

Is your feature request related to a problem? Please describe. It's a bit of a pain that the client needs to provide the connection details through the Chainlit interface. In particular when the MCP server definitions that the interface is intended for are known upfront.

Describe the solution you'd like My ideal solution would be to add support for defining MCP server configurations in the Python code, as they are known at runtime for my specific use-case and available from where the client is running. For example, this could be achieved with Pydantic AI and Streamlit (see here).

Describe alternatives you've considered An alternative solution would be to allow a user to provide a set of MCP server descriptions via a config file orJSON-formatted input (or similar), such as with Claude Desktop. This would allow for most flexibility, but is less optimal for my use-case where the MCP server definitions are known in advance, as it requires an extra step from the user.

m-roberts avatar Apr 09 '25 15:04 m-roberts

maybe im misunderstanding something but other than making this kinda unusable (without manually re-entering all the mcp servers you want to configure) this seems like a security issue - its allowing anyone who connects to the client to run commands on the server

phlax avatar Apr 12 '25 09:04 phlax

Plus one for this issue. Currently it's a pain to setup the mcp servers.

If I could pass a Json while starting chainlit, either through the cmd line or include in the config.toml, it would really help,instead of using the UI.

I could share the config.json to someone else as well.

shiv-codegit avatar Apr 12 '25 18:04 shiv-codegit

@phlax

[this makes] this kinda unusable (without manually re-entering all the mcp servers you want to configure)

Sorry, but I am not understanding your point here.

this seems like a security issue - its allowing anyone who connects to the client to run commands on the server

My use-case is an internal tool with restricted access anyway. A simple warning would suffice if you're worried about people not understanding that including MCP server configuration exposes that to all users of the client webpage.

m-roberts avatar Apr 15 '25 12:04 m-roberts

Sorry, but I am not understanding your point here.

when testing i was having to re-enter the MCP setup repeatedly

My use-case is an internal tool with restricted access anyway.

i just think it would be safer that tool configs are persisted server-side as there is no risk of unprivileged arbtirary code execution that way

phlax avatar Apr 15 '25 13:04 phlax

@phlax Sorry, I misunderstood - I thought you were critical of the feature request but I now see you're in favour!

m-roberts avatar Apr 15 '25 16:04 m-roberts

This would be very helpful 👍

janantala avatar Apr 25 '25 09:04 janantala

I'm looking forward to this feature, please let us know when it is scheduled for development and release.

ainamdar-ag avatar Apr 25 '25 09:04 ainamdar-ag

yes, this feature would be very usefull. Also would be nice to pass the oauth token while regerstring the server. reference : https://den.dev/blog/new-mcp-authorization-spec/

venkatest avatar Apr 30 '25 14:04 venkatest

I was surprised that every user have to configure MCP servers at their end..... This is not advisable. Often chat users are end-users who wouldn't care what MCP is. This will confuse them. Also, as @phlax pointed out, this would make the server call arbitrary code (not sure how stdio on local user code would be run by the server; but eventually thats what should happen I believe). Its a security risk. This is a much needed feature. +1000

skannan-maf avatar May 13 '25 09:05 skannan-maf