Skip to content

[BUG]: Virtual server using an MCP Gateway authenticated with OAUTH2 is loosing tools #2272

Closed
Bug
Closed
[BUG]: Virtual server using an MCP Gateway authenticated with OAUTH2 is loosing tools#2272
Bug
Assignees
rakdutta
Labels
SHOULDP2: Important but not vital; high-value items that are not crucial for the immediate releasebugSomething isn't workingpythonPython / backend development (FastAPI)
Milestone
Release 1.0.0-RC1
@popagruia

Description

@popagruia
popagruia
opened on Jan 21, 2026

🐞 Bug Summary

Virtual servers configured with tools from an OAuth2-authenticated MCP server lose their tool associations after some time. The tools become unlinked from the virtual server even though the MCP server remains online.

🧩 Affected Component

  • mcpgateway - API
  • mcpgateway - UI (admin panel)
  • mcpgateway.wrapper - stdio wrapper
  • Federation or Transports
  • CLI, Makefiles, or shell scripts
  • Container setup (Docker/Podman/Compose)
  • Other (explain below)

🔁 Steps to Reproduce

  1. Connect an MCP server that uses OAuth2 authentication
  2. Authorize user and fetch tools from the MCP server
  3. Create a virtual server
  4. Associate tools from the OAuth2-authenticated MCP server with the virtual server
  5. Wait some time (hours/days)
  6. View the virtual server configuration
  7. Observe: Tools are no longer linked to the virtual server
  8. Note: The MCP server shows as online in the MCP servers list

🤔 Expected Behavior

Tools associated with a virtual server should remain linked until explicitly removed, regardless of:

  • OAuth2 token refresh cycles
  • MCP server reconnections
  • Gateway restarts

🔍 Investigation Needed

  1. Token expiration handling: Does OAuth2 token refresh affect tool registration?
  2. Tool ID stability: Do tool IDs change after token refresh?
  3. Database relationships: Are foreign keys maintained correctly?
  4. Background jobs: Is there a cleanup job removing associations?

Files to Check

  • mcpgateway/services/server_service.py - Virtual server tool management
  • mcpgateway/services/gateway_service.py - OAuth2 connection handling
  • mcpgateway/services/tool_service.py - Tool registration/refresh

📓 Logs / Error Output

(Add any relevant logs when reproducing)

🧠 Environment Info

Key Value
Version or commit 1.0.0-BETA-2
Runtime Python 3.11, Gunicorn
Platform / OS Ubuntu 22.04
Container Docker

✅ Acceptance Criteria

  • Root cause identified
  • Tools remain associated through OAuth2 token refresh
  • Tools remain associated through MCP server reconnection
  • Test case added to prevent regression

Metadata

Metadata

Assignees

Labels

SHOULDP2: Important but not vital; high-value items that are not crucial for the immediate releasebugSomething isn't workingpythonPython / backend development (FastAPI)

Type

Bug

Projects

No projects

Milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions