I’m using GitHub Copilot and have the following mcp.json:
{
"inputs": [],
"servers": {
"MCPServer": {
"url": "http://localhost:7071",
}
}
}
When called it will trigger an autorization using the http://localhost:7071/.well-known/oauth-protected-resource endpoint.
{"resource":"http://localhost:7071/","authorization_servers":["https://localhost:44327"],"bearer_methods_supported":["header"],"scopes_supported":["mcp:tools"],"resource_documentation":"https://docs.example.com/api/weather"}
The issue is the IDP requires the passing of acr_values to both the authorization and token endpoints.
I cant find any reference to how you can pass additional parameters to the IDP when kicking off the request from GitHub Copilot via the Visual Studio 2022 agent.
Looking at the csharp-sdk, the feature is supported for the auth endpoint, but not the token, but even then, I’m not sure how you can tell the Agent to append the acr values when redirecting to the IDP.