feat: Add support for forwarding headers from MCP clients to GraphQL APIs

Author: DaleSeo

crates/apollo-mcp-server/src/headers.rs

@@ -0,0 +1,142 @@
+use std::ops::Deref;
+use std::str::FromStr;
+
+use headers::HeaderMapExt;
+use http::Extensions;
+use reqwest::header::{HeaderMap, HeaderName};
+
+use crate::auth::ValidToken;
+
+/// List of header names to forward from MCP clients to GraphQL API
+pub type ForwardHeaders = Vec<String>;
+
+/// Build headers for a GraphQL request by combining static headers with forwarded headers
+pub fn build_request_headers(
+    static_headers: &HeaderMap,
+    forward_header_names: &ForwardHeaders,
+    incoming_headers: &HeaderMap,
+    extensions: &Extensions,
+    disable_auth_token_passthrough: bool,
+) -> HeaderMap {
+    // Starts with static headers
+    let mut headers = static_headers.clone();
+
+    // Forward headers dynamically
+    forward_headers(forward_header_names, incoming_headers, &mut headers);
+
+    // Optionally extract the validated token and propagate it to upstream servers if present
+    if !disable_auth_token_passthrough && let Some(token) = extensions.get::<ValidToken>() {
+        headers.typed_insert(token.deref().clone());
+    }
+
+    // Forward the mcp-session-id header if present
+    if let Some(session_id) = incoming_headers.get("mcp-session-id") {
+        headers.insert("mcp-session-id", session_id.clone());
+    }
+
+    headers
+}
+
+/// Forward matching headers from incoming headers to outgoing headers
+fn forward_headers(names: &[String], incoming: &HeaderMap, outgoing: &mut HeaderMap) {
+    for header in names {
+        if let Ok(header_name) = HeaderName::from_str(header)
+            && let Some(value) = incoming.get(&header_name)
+            // Hop-by-hop headers are blocked per RFC 7230: https://datatracker.ietf.org/doc/html/rfc7230#section-6.1
+            && !matches!(
+                header_name.as_str().to_lowercase().as_str(),
+                "connection"
+                    | "keep-alive"
+                    | "proxy-authenticate"
+                    | "proxy-authorization"
+                    | "te"
+                    | "trailers"
+                    | "transfer-encoding"
+                    | "upgrade"
+                    | "content-length"
+            )
+        {
+            outgoing.insert(header_name, value.clone());
+        }
+    }
+}
+
+#[cfg(test)]
+mod tests {
+    use super::*;
+    use reqwest::header::HeaderValue;
+
+    #[test]
+    fn test_forward_no_headers_by_default() {
+        let names: Vec<String> = vec![];
+
+        let mut incoming = HeaderMap::new();
+        incoming.insert("x-tenant-id", HeaderValue::from_static("tenant-123"));
+
+        let mut outgoing = HeaderMap::new();
+
+        forward_headers(&names, &incoming, &mut outgoing);
+
+        assert!(outgoing.is_empty());
+    }
+
+    #[test]
+    fn test_forward_only_allowed_headers() {
+        let names = vec![
+            "x-tenant-id".to_string(),     // Multi-tenancy
+            "x-trace-id".to_string(),      // Distributed tracing
+            "x-geo-country".to_string(),   // Geo information from CDN
+            "x-experiment-id".to_string(), // A/B testing
+            "ai-client-name".to_string(),  // Client identification
+        ];
+
+        let mut incoming = HeaderMap::new();
+        incoming.insert("x-tenant-id", HeaderValue::from_static("tenant-123"));
+        incoming.insert("x-trace-id", HeaderValue::from_static("trace-456"));
+        incoming.insert("x-geo-country", HeaderValue::from_static("US"));
+        incoming.insert("x-experiment-id", HeaderValue::from_static("exp-789"));
+        incoming.insert("ai-client-name", HeaderValue::from_static("claude"));
+        incoming.insert("other-header", HeaderValue::from_static("ignored"));
+
+        let mut outgoing = HeaderMap::new();
+
+        forward_headers(&names, &incoming, &mut outgoing);
+
+        assert_eq!(outgoing.get("x-tenant-id").unwrap(), "tenant-123");
+        assert_eq!(outgoing.get("x-trace-id").unwrap(), "trace-456");
+        assert_eq!(outgoing.get("x-geo-country").unwrap(), "US");
+        assert_eq!(outgoing.get("x-experiment-id").unwrap(), "exp-789");
+        assert_eq!(outgoing.get("ai-client-name").unwrap(), "claude");
+
+        assert!(outgoing.get("other-header").is_none());
+    }
+
+    #[test]
+    fn test_hop_by_hop_headers_blocked() {
+        let names = vec!["connection".to_string(), "content-length".to_string()];
+
+        let mut incoming = HeaderMap::new();
+        incoming.insert("connection", HeaderValue::from_static("keep-alive"));
+        incoming.insert("content-length", HeaderValue::from_static("1234"));
+
+        let mut outgoing = HeaderMap::new();
+
+        forward_headers(&names, &incoming, &mut outgoing);
+
+        assert!(outgoing.get("connection").is_none());
+        assert!(outgoing.get("content-length").is_none());
+    }
+
+    #[test]
+    fn test_case_insensitive_matching() {
+        let names = vec!["X-Tenant-ID".to_string()];
+
+        let mut incoming = HeaderMap::new();
+        incoming.insert("x-tenant-id", HeaderValue::from_static("tenant-123"));
+
+        let mut outgoing = HeaderMap::new();
+        forward_headers(&names, &incoming, &mut outgoing);
+
+        assert_eq!(outgoing.get("x-tenant-id").unwrap(), "tenant-123");
+    }
+}

crates/apollo-mcp-server/src/lib.rs

@@ -6,6 +6,7 @@ pub mod custom_scalar_map;
 pub mod errors;
 pub mod event;
 mod explorer;
+pub mod headers;
 mod graphql;
 pub mod health;
 mod introspection;

crates/apollo-mcp-server/src/main.rs

@@ -115,6 +115,7 @@ async fn main() -> anyhow::Result<()> {
         .endpoint(config.endpoint.into_inner())
         .maybe_explorer_graph_ref(explorer_graph_ref)
         .headers(config.headers)
+        .forward_headers(config.forward_headers)
         .execute_introspection(config.introspection.execute.enabled)
         .validate_introspection(config.introspection.validate.enabled)
         .introspect_introspection(config.introspection.introspect.enabled)

crates/apollo-mcp-server/src/runtime/config.rs

@@ -1,6 +1,8 @@
 use std::path::PathBuf;
 
-use apollo_mcp_server::{cors::CorsConfig, health::HealthCheckConfig, server::Transport};
+use apollo_mcp_server::{
+    cors::CorsConfig, headers::ForwardHeaders, health::HealthCheckConfig, server::Transport,
+};
 use reqwest::header::HeaderMap;
 use schemars::JsonSchema;
 use serde::Deserialize;
@@ -33,6 +35,10 @@ pub struct Config {
     #[schemars(schema_with = "super::schemas::header_map")]
     pub headers: HeaderMap,
 
+    /// List of header names to forward from MCP client requests to GraphQL requests
+    #[serde(default)]
+    pub forward_headers: ForwardHeaders,
+
     /// Health check configuration
     #[serde(default)]
     pub health_check: HealthCheckConfig,

crates/apollo-mcp-server/src/server.rs

@@ -12,6 +12,7 @@ use crate::cors::CorsConfig;
 use crate::custom_scalar_map::CustomScalarMap;
 use crate::errors::ServerError;
 use crate::event::Event as ServerEvent;
+use crate::headers::ForwardHeaders;
 use crate::health::HealthCheckConfig;
 use crate::operations::{MutationMode, OperationSource};
 
@@ -26,6 +27,7 @@ pub struct Server {
     operation_source: OperationSource,
     endpoint: Url,
     headers: HeaderMap,
+    forward_headers: ForwardHeaders,
     execute_introspection: bool,
     validate_introspection: bool,
     introspect_introspection: bool,
@@ -111,6 +113,7 @@ impl Server {
         operation_source: OperationSource,
         endpoint: Url,
         headers: HeaderMap,
+        forward_headers: ForwardHeaders,
         execute_introspection: bool,
         validate_introspection: bool,
         introspect_introspection: bool,
@@ -139,6 +142,7 @@ impl Server {
             operation_source,
             endpoint,
             headers,
+            forward_headers,
             execute_introspection,
             validate_introspection,
             introspect_introspection,

crates/apollo-mcp-server/src/server/states.rs

@@ -9,6 +9,7 @@ use crate::{
     cors::CorsConfig,
     custom_scalar_map::CustomScalarMap,
     errors::{OperationError, ServerError},
+    headers::ForwardHeaders,
     health::HealthCheckConfig,
     operations::MutationMode,
 };
@@ -34,6 +35,7 @@ struct Config {
     transport: Transport,
     endpoint: Url,
     headers: HeaderMap,
+    forward_headers: ForwardHeaders,
     execute_introspection: bool,
     validate_introspection: bool,
     introspect_introspection: bool,
@@ -68,6 +70,7 @@ impl StateMachine {
                 transport: server.transport,
                 endpoint: server.endpoint,
                 headers: server.headers,
+                forward_headers: server.forward_headers,
                 execute_introspection: server.execute_introspection,
                 validate_introspection: server.validate_introspection,
                 introspect_introspection: server.introspect_introspection,

crates/apollo-mcp-server/src/server/states/running.rs

@@ -1,8 +1,6 @@
-use std::ops::Deref as _;
 use std::sync::Arc;
 
 use apollo_compiler::{Schema, validation::Valid};
-use headers::HeaderMapExt as _;
 use opentelemetry::trace::FutureExt;
 use opentelemetry::{Context, KeyValue};
 use reqwest::header::HeaderMap;
@@ -24,10 +22,10 @@ use url::Url;
 use crate::generated::telemetry::{TelemetryAttribute, TelemetryMetric};
 use crate::meter;
 use crate::{
-    auth::ValidToken,
     custom_scalar_map::CustomScalarMap,
     errors::{McpError, ServerError},
     explorer::{EXPLORER_TOOL_NAME, Explorer},
+    headers::{ForwardHeaders, build_request_headers},
     graphql::{self, Executable as _},
     health::HealthCheck,
     introspection::tools::{
@@ -44,6 +42,7 @@ pub(super) struct Running {
     pub(super) schema: Arc<Mutex<Valid<Schema>>>,
     pub(super) operations: Arc<Mutex<Vec<Operation>>>,
     pub(super) headers: HeaderMap,
+    pub(super) forward_headers: ForwardHeaders,
     pub(super) endpoint: Url,
     pub(super) execute_tool: Option<Execute>,
     pub(super) introspect_tool: Option<Introspect>,
@@ -235,20 +234,19 @@ impl ServerHandler for Running {
                     .await
             }
             EXECUTE_TOOL_NAME => {
-                let mut headers = self.headers.clone();
-                if let Some(axum_parts) = context.extensions.get::<axum::http::request::Parts>() {
-                    // Optionally extract the validated token and propagate it to upstream servers if present
-                    if !self.disable_auth_token_passthrough
-                        && let Some(token) = axum_parts.extensions.get::<ValidToken>()
-                    {
-                        headers.typed_insert(token.deref().clone());
-                    }
-
-                    // Forward the mcp-session-id header if present
-                    if let Some(session_id) = axum_parts.headers.get("mcp-session-id") {
-                        headers.insert("mcp-session-id", session_id.clone());
-                    }
-                }
+                let headers = if let Some(axum_parts) =
+                    context.extensions.get::<axum::http::request::Parts>()
+                {
+                    build_request_headers(
+                        &self.headers,
+                        &self.forward_headers,
+                        &axum_parts.headers,
+                        &axum_parts.extensions,
+                        self.disable_auth_token_passthrough,
+                    )
+                } else {
+                    self.headers.clone()
+                };
 
                 self.execute_tool
                     .as_ref()
@@ -268,20 +266,19 @@ impl ServerHandler for Running {
                     .await
             }
             _ => {
-                let mut headers = self.headers.clone();
-                if let Some(axum_parts) = context.extensions.get::<axum::http::request::Parts>() {
-                    // Optionally extract the validated token and propagate it to upstream servers if present
-                    if !self.disable_auth_token_passthrough
-                        && let Some(token) = axum_parts.extensions.get::<ValidToken>()
-                    {
-                        headers.typed_insert(token.deref().clone());
-                    }
-
-                    // Also forward the mcp-session-id header if present
-                    if let Some(session_id) = axum_parts.headers.get("mcp-session-id") {
-                        headers.insert("mcp-session-id", session_id.clone());
-                    }
-                }
+                let headers = if let Some(axum_parts) =
+                    context.extensions.get::<axum::http::request::Parts>()
+                {
+                    build_request_headers(
+                        &self.headers,
+                        &self.forward_headers,
+                        &axum_parts.headers,
+                        &axum_parts.extensions,
+                        self.disable_auth_token_passthrough,
+                    )
+                } else {
+                    self.headers.clone()
+                };
 
                 let graphql_request = graphql::Request {
                     input: Value::from(request.arguments.clone()),
@@ -408,6 +405,7 @@ mod tests {
             schema: Arc::new(Mutex::new(schema)),
             operations: Arc::new(Mutex::new(vec![])),
             headers: HeaderMap::new(),
+            forward_headers: vec![],
             endpoint: "http://localhost:4000".parse().unwrap(),
             execute_tool: None,
             introspect_tool: None,

crates/apollo-mcp-server/src/server/states/starting.rs

@@ -140,6 +140,7 @@ impl Starting {
             schema,
             operations: Arc::new(Mutex::new(operations)),
             headers: self.config.headers,
+            forward_headers: self.config.forward_headers.clone(),
             endpoint: self.config.endpoint,
             execute_tool,
             introspect_tool,
@@ -355,6 +356,7 @@ mod tests {
                 mutation_mode: MutationMode::All,
                 execute_introspection: true,
                 headers: HeaderMap::new(),
+                forward_headers: vec![],
                 validate_introspection: true,
                 introspect_introspection: true,
                 search_introspection: true,