🛂 fix: Gate MCP Queries Behind USE Permission to Prevent 403 Spam#12345
Merged
Conversation
Closes #12342 When `interface.mcpServers.use` is set to `false` in `librechat.yaml`, the frontend was still unconditionally fetching `/api/mcp/servers` on every app startup, window focus, and stale interval — producing continuous 403 "Insufficient permissions" log entries. Add `useHasAccess` permission checks to both `useMCPServersQuery` call sites (`useAppStartup` and `useMCPServerManager`) so the query is disabled when the user lacks `MCP_SERVERS.USE`, matching the guard pattern already used by MCP UI components.
Contributor
There was a problem hiding this comment.
Pull request overview
This PR prevents repeated unauthorized MCP network requests when MCP is disabled for a user (e.g., via interface.mcpServers.use: false), reducing backend 403/log spam by conditionally enabling MCP React Query hooks only when the user has MCP_SERVERS.USE.
Changes:
- Add a
useHasAccess(MCP_SERVERS.USE) gate touseAppStartup, disablinguseMCPServersQueryanduseMCPToolsQuerywhen access is not granted. - Add the same access gate to
useMCPServerManager, disablinguseMCPServersQuerywhen access is not granted.
Reviewed changes
Copilot reviewed 2 out of 2 changed files in this pull request and generated no comments.
| File | Description |
|---|---|
| client/src/hooks/Config/useAppStartup.ts | Gates MCP servers/tools startup queries behind MCP_SERVERS.USE permission. |
| client/src/hooks/MCP/useMCPServerManager.ts | Gates MCP servers query behind MCP_SERVERS.USE permission inside the shared MCP manager hook. |
Comments suppressed due to low confidence (1)
client/src/hooks/MCP/useMCPServerManager.ts:48
useMCPServersQueryis now gated bycanUseMcp, butuseGetAllEffectivePermissionsQuery(ResourceType.MCPSERVER)still runs unconditionally. If MCP is disabled for the user, this will continue to hit/api/permissions/MCPSERVER/effective/allon mount/stale refetch and can still generate 403/log spam. Consider passing a react-queryenabled: canUseMcp(orcanUseMcp && !!loadedServers) config to this permissions query as well.
// Fetch effective permissions for all MCP servers
const { data: permissionsMap } = useGetAllEffectivePermissionsQuery(ResourceType.MCPSERVER);
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
- Gate `useGetAllEffectivePermissionsQuery` behind `canUseMcp` in `useMCPServerManager` for consistency (wasted request when MCP disabled, even though this endpoint doesn't 403) - Sort multi-line `librechat-data-provider` import shortest to longest - Restore intent comment on `useGetStartupConfig` call - Add `useAppStartup` test suite covering MCP permission gating: query suppression when USE denied, compound `enabled` conditions for tools query (servers loading, empty, no user)
danny-avila
changed the title
jcbartle
pushed a commit
to jcbartle/LibreChat
that referenced
this pull request
May 11, 2026
…nny-avila#12345) * 🐛 fix: Gate MCP queries behind USE permission to prevent 403 spam Closes danny-avila#12342 When `interface.mcpServers.use` is set to `false` in `librechat.yaml`, the frontend was still unconditionally fetching `/api/mcp/servers` on every app startup, window focus, and stale interval — producing continuous 403 "Insufficient permissions" log entries. Add `useHasAccess` permission checks to both `useMCPServersQuery` call sites (`useAppStartup` and `useMCPServerManager`) so the query is disabled when the user lacks `MCP_SERVERS.USE`, matching the guard pattern already used by MCP UI components. * fix: Lint and import order corrections * fix: Address review findings — gate permissions query, add tests - Gate `useGetAllEffectivePermissionsQuery` behind `canUseMcp` in `useMCPServerManager` for consistency (wasted request when MCP disabled, even though this endpoint doesn't 403) - Sort multi-line `librechat-data-provider` import shortest to longest - Restore intent comment on `useGetStartupConfig` call - Add `useAppStartup` test suite covering MCP permission gating: query suppression when USE denied, compound `enabled` conditions for tools query (servers loading, empty, no user)
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Closes #12342
Summary
Fixed unconditional MCP data-fetching that flooded backend logs with
403 Forbiddenerrors wheneverinterface.mcpServers.use: falsewas set inlibrechat.yaml. Closes #12342.useHasAccess({ permissionType: PermissionTypes.MCP_SERVERS, permission: Permissions.USE })check inuseAppStartupand passed the resultingcanUseMcpboolean asenabledto bothuseMCPServersQueryanduseMCPToolsQuery, preventing either query from firing on startup, window focus, or stale intervals when the user lacks the permission.enabled: canUseMcpguard touseMCPServersQueryanduseGetAllEffectivePermissionsQueryinuseMCPServerManager, matching the guard pattern already used by MCP UI rendering components (MCPTools,ToolsDropdown,MCPSelect).useAppStartup.spec.tsxwith 6 test cases covering: correct permission type/permission passed touseHasAccess, both queries suppressed whencanUseMcpisfalse, both queries enabled when permission is granted with servers loaded and user present, and tools query suppressed independently when the user prop is undefined, the servers object is empty, or servers are still loading.useAppStartup.tsto comply with longest-to-shortest project convention.librechat-data-providernamed import block inuseMCPServerManager.tsshortest to longest.useGetStartupConfigcall inuseMCPServerManagerto document that it is retained specifically forinterface.mcpServers.placeholder.Change Type
Testing
Verified the guard using the new unit test suite in
client/src/hooks/Config/__tests__/useAppStartup.spec.tsx. To reproduce manually:Test Configuration:
interface.mcpServers.use: falseinlibrechat.yamland restart the backend.GET /api/mcp/serversappear in the browser network tab or backend logs on startup, window focus, or after 30 seconds.use: true) and restart — confirm MCP servers load normally and the tools dropdown and agent panel MCP tools render and function correctly.Checklist