Scope filtering/challenging #1802
SamMorrowDrums
announced in
Announcements
Replies: 0 comments
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Uh oh!
There was an error while loading. Please reload this page.
-
The GitHub MCP Server now has a few scope related features that make tool calling much more successful, and waste much less context on useless tools.
Scope Challenge
This was added to the MCP Specification in November 2025, and if you log into our remote server with Oauth (default behaviour), instead of failing to call a tool you don't have scopes to use, the server returns a challenge which allows clients that implement this (like VS Code), to up-scope your token interactively, so you can accept the additional scope requirements and continue without failure!
Scope Filtering
If you use classic PAT tokens, we cannot up-scope your token, so instead we filter out tools you cannot use (we leave the repo ones because you can still access public repos without any scopes). This means you don't have tools you cannot use. The STDIO server now also does scope filtering.
Server to Server tokens
If you use the GitHub MCP on Actions for example, using the actions GITHUB_TOKEN, we no longer provide the
get_meand other context tools on the remote server, as there is no user context.We hope these features have given you a more seamless experience, and more success! We are looking at how we might better handle fine grained tokens and GitHub Apps, but this will likely take some work on the MCP Specification level.
Beta Was this translation helpful? Give feedback.
All reactions