Skip to main content

New features

OAuth popup helpers

The React client now ships optional popup helpers for OAuth flows. Instead of building your own popup coordination, you can use:
  • createOAuthPopupRedirectHandler() for one-line popup-based OAuth redirects
  • useMcpOAuthPopup() for opener-side popup coordination
  • McpOAuthCallbackContent for a drop-in callback page UI with customizable styling
These helpers handle the postMessage handshake between the popup and your app automatically. You can also skip popups entirely and use a standard redirect callback with finishAuth(sessionId, code). See the React guide and Next.js guide for usage examples.

Automatic reconnection

The React and Vue hooks now expose a built-in reconnection flow. When a connection drops, the client can automatically disconnect and re-establish the session without requiring a full page reload. This is especially useful for long-running applications and agents that need to recover from transient network issues.

Automated session lifecycle management

The Supabase storage backend now includes built-in session cleanup powered by PostgreSQL’s pg_cron extension. Stale and abandoned sessions are automatically removed in two stages:
  • Short-term transient purge (every 5 minutes) — Cleans up failed or incomplete sessions whose TTL has expired, such as abandoned OAuth flows or connections that errored during setup.
  • Long-term dormancy eviction (daily) — Removes active sessions that haven’t been touched in 30+ days, preventing forgotten records from accumulating indefinitely.
Active sessions with ongoing usage are never affected by the short-term sweep, so persistent automation workflows and scheduled agents continue to work without interruption. The cleanup migrations are included automatically when you run npx mcp-ts supabase-init. See the Supabase storage guide for details.

Updates

Session rehydration on reconnect

When an SSE connection resumes after a disconnect, the server now rehydrates the original session metadata — including transport type, server URL, and callback URL — so the reconnected client picks up exactly where it left off. Previously, some metadata could be lost on reconnect, requiring a fresh authentication flow.

Smoother connection state transitions

The React and Vue hooks now normalize connection states in the UI. Intermediate states like INITIALIZING are suppressed for connections that are already established, preventing confusing flickering in your UI during reconnection or transport negotiation.

Proactive session cleanup on connection failures

When a connection or authentication error occurs during setup, the session record is now cleaned up immediately rather than waiting for the next scheduled sweep. This keeps your database lean even in high-churn environments.

Bug fixes

  • Duplicate auth events — Fixed an issue where the AUTHENTICATED state could be emitted multiple times during transport fallback, causing redundant UI updates or side effects.
  • Improved release notes — GitHub releases for @mcp-ts/sdk now include auto-generated release notes with contributor attribution and a full changelog diff.