@inkeep/agents-run-api 0.0.0-dev-20260106234559 → 0.0.0-dev-20260107043750

package/dist/a2a/handlers.js

@@ -50,6 +50,13 @@ async function handleMessageSend(c, agent, request) {
 	try {
 		const params = request.params;
 		const { agentId } = getRequestExecutionContext(c);
+		const forwardedHeaders = {};
+		const xForwardedCookie = c.req.header("x-forwarded-cookie");
+		const authorization = c.req.header("authorization");
+		const cookie = c.req.header("cookie");
+		if (xForwardedCookie) forwardedHeaders["x-forwarded-cookie"] = xForwardedCookie;
+		else if (cookie) forwardedHeaders["x-forwarded-cookie"] = cookie;
+		if (authorization) forwardedHeaders.authorization = authorization;
 		const task = {
 			id: generateId(),
 			input: { parts: params.message.parts.map((part) => ({
@@ -62,7 +69,8 @@ async function handleMessageSend(c, agent, request) {
 				metadata: {
 					blocking: params.configuration?.blocking ?? false,
 					custom: { agent_id: agentId || "" },
-					...params.message.metadata
+					...params.message.metadata,
+					forwardedHeaders: Object.keys(forwardedHeaders).length > 0 ? forwardedHeaders : void 0
 				}
 			}
 		};
@@ -297,6 +305,13 @@ async function handleMessageStream(c, agent, request) {
 			},
 			id: request.id
 		});
+		const forwardedHeaders = {};
+		const xForwardedCookie = c.req.header("x-forwarded-cookie");
+		const authorization = c.req.header("authorization");
+		const cookie = c.req.header("cookie");
+		if (xForwardedCookie) forwardedHeaders["x-forwarded-cookie"] = xForwardedCookie;
+		else if (cookie) forwardedHeaders["x-forwarded-cookie"] = cookie;
+		if (authorization) forwardedHeaders.authorization = authorization;
 		const task = {
 			id: generateId(),
 			input: { parts: params.message.parts.map((part) => ({
@@ -308,7 +323,8 @@ async function handleMessageStream(c, agent, request) {
 				conversationId: params.message.contextId,
 				metadata: {
 					blocking: false,
-					custom: { agent_id: agentId || "" }
+					custom: { agent_id: agentId || "" },
+					forwardedHeaders: Object.keys(forwardedHeaders).length > 0 ? forwardedHeaders : void 0
 				}
 			}
 		};

package/dist/agents/Agent.d.ts

@@ -48,6 +48,8 @@ type AgentConfig = {
   sandboxConfig?: SandboxConfig;
   /** User ID for user-scoped credential lookup (from temp JWT) */
   userId?: string;
+  /** Headers to forward to MCP servers (e.g., x-forwarded-cookie for user session auth) */
+  forwardedHeaders?: Record<string, string>;
 };
 type ExternalAgentRelationConfig = {
   relationId: string;

package/dist/agents/Agent.js

@@ -539,7 +539,8 @@ var Agent = class {
 		};
 	}
 	async getMcpTool(tool$1) {
-		const cacheKey = `${this.config.tenantId}-${this.config.projectId}-${tool$1.id}-${tool$1.credentialReferenceId || "no-cred"}`;
+		const forwardedHeadersHash = this.config.forwardedHeaders ? Object.keys(this.config.forwardedHeaders).sort().join(",") : "no-fwd";
+		const cacheKey = `${this.config.tenantId}-${this.config.projectId}-${tool$1.id}-${tool$1.credentialReferenceId || "no-cred"}-${forwardedHeadersHash}`;
 		const credentialReferenceId = tool$1.credentialReferenceId;
 		const toolRelation = (await getToolsForAgent(dbClient_default)({ scopes: {
 			tenantId: this.config.tenantId,
@@ -626,11 +627,16 @@ var Agent = class {
 			else urlObj.searchParams.set("user_id", `${this.config.tenantId}||${this.config.projectId}`);
 			serverConfig.url = urlObj.toString();
 		}
+		if (this.config.forwardedHeaders && Object.keys(this.config.forwardedHeaders).length > 0) serverConfig.headers = {
+			...serverConfig.headers,
+			...this.config.forwardedHeaders
+		};
 		logger.info({
 			toolName: tool$1.name,
 			credentialReferenceId,
 			transportType: serverConfig.type,
-			headers: tool$1.headers
+			headers: tool$1.headers,
+			hasForwardedHeaders: !!this.config.forwardedHeaders
 		}, "Built MCP server config with credentials");
 		let client = this.mcpClientCache.get(cacheKey);
 		if (client && !client.isConnected()) {

package/dist/agents/generateTaskHandler.js

@@ -21,6 +21,7 @@ const createTaskHandler = (config, credentialStoreRegistry) => {
 				},
 				artifacts: []
 			};
+			const forwardedHeaders = task.context?.metadata?.forwardedHeaders;
 			const [internalRelations, externalRelations, teamRelations, toolsForAgent, dataComponents, artifactComponents] = await Promise.all([
 				getRelatedAgentsForAgent(dbClient_default)({
 					scopes: {
@@ -322,7 +323,8 @@ const createTaskHandler = (config, credentialStoreRegistry) => {
 				artifactComponents,
 				contextConfigId: config.contextConfigId || void 0,
 				conversationHistoryConfig: config.conversationHistoryConfig,
-				sandboxConfig: config.sandboxConfig
+				sandboxConfig: config.sandboxConfig,
+				forwardedHeaders
 			}, credentialStoreRegistry);
 			const artifactStreamRequestId = task.context?.metadata?.streamRequestId;
 			if (artifactStreamRequestId && artifactComponents.length > 0) agentSessionManager.updateArtifactComponents(artifactStreamRequestId, artifactComponents);

package/dist/handlers/executionHandler.d.ts

@@ -10,6 +10,8 @@ interface ExecutionHandlerParams {
   requestId: string;
   sseHelper: StreamHelper;
   emitOperations?: boolean;
+  /** Headers to forward to MCP servers (e.g., x-forwarded-cookie for auth) */
+  forwardedHeaders?: Record<string, string>;
 }
 interface ExecutionResult {
   success: boolean;

package/dist/handlers/executionHandler.js

@@ -32,7 +32,7 @@ var ExecutionHandler = class {
 	* @returns
 	*/
 	async execute(params) {
-		const { executionContext, conversationId, userMessage, initialAgentId, requestId, sseHelper, emitOperations } = params;
+		const { executionContext, conversationId, userMessage, initialAgentId, requestId, sseHelper, emitOperations, forwardedHeaders } = params;
 		const { tenantId, projectId, agentId, apiKey, baseUrl } = executionContext;
 		registerStreamHelper(requestId, sseHelper);
 		agentSessionManager.createSession(requestId, agentId, tenantId, projectId, conversationId);
@@ -177,7 +177,8 @@ var ExecutionHandler = class {
 					"x-inkeep-tenant-id": tenantId,
 					"x-inkeep-project-id": projectId,
 					"x-inkeep-agent-id": agentId,
-					"x-inkeep-sub-agent-id": currentAgentId
+					"x-inkeep-sub-agent-id": currentAgentId,
+					...forwardedHeaders || {}
 				} });
 				let messageResponse = null;
 				const messageMetadata = { stream_request_id: requestId };

package/dist/routes/chat.js

@@ -250,6 +250,13 @@ app.openapi(chatCompletionsRoute, async (c) => {
 					await sseHelper.writeRole();
 					logger.info({ subAgentId }, "Starting execution");
 					const emitOperations = c.req.header("x-emit-operations") === "true";
+					const forwardedHeaders = {};
+					const xForwardedCookie = c.req.header("x-forwarded-cookie");
+					const authorization = c.req.header("authorization");
+					const cookie = c.req.header("cookie");
+					if (xForwardedCookie) forwardedHeaders["x-forwarded-cookie"] = xForwardedCookie;
+					else if (cookie) forwardedHeaders["x-forwarded-cookie"] = cookie;
+					if (authorization) forwardedHeaders.authorization = authorization;
 					const result = await new ExecutionHandler().execute({
 						executionContext,
 						conversationId,
@@ -257,7 +264,8 @@ app.openapi(chatCompletionsRoute, async (c) => {
 						initialAgentId: subAgentId,
 						requestId,
 						sseHelper,
-						emitOperations
+						emitOperations,
+						forwardedHeaders
 					});
 					logger.info({ result }, `Execution completed: ${result.success ? "success" : "failed"} after ${result.iterations} iterations`);
 					if (!result.success) await sseHelper.writeOperation(errorOp("Sorry, I was unable to process your request at this time. Please try again.", "system"));

package/dist/routes/chatDataStream.js

@@ -75,6 +75,13 @@ app.openapi(chatDataStreamRoute, async (c) => {
 		const targetTenantId = c.req.header("x-target-tenant-id");
 		const targetProjectId = c.req.header("x-target-project-id");
 		const targetAgentId = c.req.header("x-target-agent-id");
+		const forwardedHeaders = {};
+		const xForwardedCookie = c.req.header("x-forwarded-cookie");
+		const authorization = c.req.header("authorization");
+		const cookie = c.req.header("cookie");
+		if (xForwardedCookie) forwardedHeaders["x-forwarded-cookie"] = xForwardedCookie;
+		else if (cookie) forwardedHeaders["x-forwarded-cookie"] = cookie;
+		if (authorization) forwardedHeaders.authorization = authorization;
 		const activeSpan = trace.getActiveSpan();
 		if (activeSpan) activeSpan.setAttributes({
 			"conversation.id": conversationId,
@@ -183,7 +190,8 @@ app.openapi(chatDataStreamRoute, async (c) => {
 					initialAgentId: subAgentId,
 					requestId: `chat-${Date.now()}`,
 					sseHelper: bufferingHelper,
-					emitOperations
+					emitOperations,
+					forwardedHeaders
 				});
 				const captured = bufferingHelper.getCapturedResponse();
 				return c.json({
@@ -217,7 +225,8 @@ app.openapi(chatDataStreamRoute, async (c) => {
 						initialAgentId: subAgentId,
 						requestId: `chatds-${Date.now()}`,
 						sseHelper: streamHelper,
-						emitOperations
+						emitOperations,
+						forwardedHeaders
 					})).success) await streamHelper.writeOperation(errorOp("Unable to process request", "system"));
 				} catch (err) {
 					logger.error({ err }, "Streaming error");

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@inkeep/agents-run-api",
-  "version": "0.0.0-dev-20260106234559",
+  "version": "0.0.0-dev-20260107043750",
   "description": "Agents Run API for Inkeep Agent Framework - handles chat, agent execution, and streaming",
   "types": "dist/index.d.ts",
   "exports": {
@@ -41,7 +41,7 @@
     "hono": "^4.10.4",
     "jmespath": "^0.16.0",
     "llm-info": "^1.0.69",
-    "@inkeep/agents-core": "^0.0.0-dev-20260106234559"
+    "@inkeep/agents-core": "^0.0.0-dev-20260107043750"
   },
   "peerDependencies": {
     "@hono/zod-openapi": "^1.1.5",