Add support for streamable-http transport

[teppana88]

Implement streamable-http transport as defined in the MCP Basic Transports specification, to enable remote MCP usage for cloud-based deployments.

This should include:

• Authorization header support (Bearer token) for HTTP transport, as defined in the MCP Basic Authorization specification.
• MCP Lifecycle over HTTP transport (session start/stop, error handling) as defined in the MCP Basic Lifecycle specification.
• MCP-compliant error objects for all relevant cases (including proper error.code values for unauthorized, forbidden, and rate-limited requests), mapped to appropriate HTTP status codes.

Nice-to-have (not required by MCP spec):

• Support for OAuth2/OIDC authentication on top of the Bearer token mechanism, to integrate with enterprise identity providers and enable centralized user/token management.

Use case:

We are building a centralized Redis MCP server in the cloud to serve multiple AI agents running in developer IDEs and other autonomous AI tools. These agents need to query and update a shared Redis database hosted in cloud env. Without streamable-http support, each developer would need to run a local MCP server connected to Redis, which breaks the centralization model and complicates authentication, auditing, and access control.

Why this is needed:

Implementing streamable-http with proper Authorization support enables a single, cloud-hosted Redis MCP server to serve multiple remote MCP clients securely. This reduces operational overhead, centralizes permissions and audit logs, and aligns with enterprise requirements for authentication, rate-limiting, and secure data access.

References:

MCP Basic Transports spec
MCP Basic Authorization spec
MCP Basic Lifecycle spec

[tishun]

Hey @teppana88 ,

many thanks for the detailed request!

The team will review this request and get back to you on what we've decided.
In the meantime any additional details from the community are more than welcome!