OptionalcorsAllow credentials in CORS requests (cookies, auth headers).
Only effective when corsOrigin is set.
Cannot be used with corsOrigin: ['*'].
Can also be configured via MCP_CORS_CREDENTIALS env var.
OptionalcorsCORS allowed origins.
When set, CORS middleware is mounted globally and allows requests from the listed origins. When omitted, CORS is disabled.
Use ['*'] to allow all origins (not recommended for production).
Can also be configured via MCP_CORS_ORIGIN env var (comma-separated)
or [security] cors_origin in the config file.
OptionalenablePrefer JSON responses over SSE streams for simple request-response.
When enabled, the SDK returns application/json for non-streaming
responses (e.g. tools/list, resources/list) instead of wrapping them
in a text/event-stream SSE envelope.
Warning: JSON mode silently drops all in-flight notifications (progress, logging) because the SDK response stream has no SSE controller. Only the final tool result reaches the client. Enable only if your server never sends progress or log notifications.
Can also be configured via MCP_JSON_RESPONSE env var or config file.
OptionaleventEvent store for stream resumability.
When provided, the SDK transport stores events and supports
client reconnection via the Last-Event-ID header. Only meaningful
in stateful mode — stateless requests have no persistent streams.
The SDK provides InMemoryEventStore as a reference implementation.
For production horizontal scaling, implement the EventStore interface
with Redis, PostgreSQL, or another shared backend.
OptionalhelmetContent Security Policy configuration.
'false': Disable CSP entirely"default-src 'self'; script-src 'none'")Can also be configured via MCP_HELMET_CSP env var.
OptionalhelmetX-Frame-Options header value.
'DENY' — Never allow framing (most secure)'SAMEORIGIN' — Allow from same originTo allow framing from specific origins, use CSP frame-ancestors
via helmetCsp instead.
Can also be configured via MCP_HELMET_FRAME_OPTIONS env var.
OptionalhelmetEnable HTTP Strict Transport Security (HSTS) header.
When true, Helmet sets Strict-Transport-Security with max-age=15552000
(180 days) and includeSubDomains. Only enable when serving over HTTPS.
Can also be configured via MCP_HELMET_HSTS env var.
OptionalhostHost to bind to (default: '127.0.0.1' or MCP_BIND_HOST env)
OptionallegacyEnable legacy SSE transport for backwards compatibility
OptionalportPort to listen on (default: 8000 or MCP_PORT env)
OptionalrateRate limiting: max requests per window
OptionalrateRate limiting: window duration in ms
OptionalstatelessOperate in stateless mode (no session IDs).
When enabled, each request gets a fresh McpSession and SDK transport. No Mcp-Session-Id headers are set. Per MCP specification, stateless servers do not track individual client sessions.
In stateless mode, GET and DELETE return 405 Method Not Allowed.
Use cases:
OptionaltrustTrust proxy setting for Express.
Required when running behind a reverse proxy (nginx, Traefik, cloud LB)
to correctly resolve client IPs, protocol, and host from proxy headers
(X-Forwarded-For, X-Forwarded-Proto, X-Forwarded-Host).
Values:
'1', '2') — Trust N hops from the front-facing proxy'loopback', 'linklocal', 'uniquelocal')'10.0.0.1', '10.0.0.0/8')'proxy.example.com') — resolved at startup'loopback, 10.0.0.1')Can also be configured via MCP_TRUST_PROXY env var or config file.
Omit to disable trust proxy.
HTTP transport — multi-client mode without TLS.
Use behind a reverse proxy that handles TLS termination, or for local development.