@smartbear/mcp 0.25.0 → 0.26.0

package/dist/common/transport-http.js

@@ -5,12 +5,11 @@ import { SSEServerTransport } from "@modelcontextprotocol/sdk/server/sse.js";
 import { StreamableHTTPServerTransport } from "@modelcontextprotocol/sdk/server/streamableHttp.js";
 import { isInitializeRequest } from "@modelcontextprotocol/sdk/types.js";
 import { clientRegistry } from "./client-registry.js";
+import { withRequestContext } from "./request-context.js";
 import { SmartBearMcpServer } from "./server.js";
 import { isDraining, registerShutdownHandler } from "./shutdown.js";
 import { getEnvVarName } from "./transport-stdio.js";
-import { getTypeDescription, isOptionalType } from "./zod-utils.js";
-class AuthorizationError extends Error {
-}
+import { isOptionalType, getTypeDescription } from "./zod-utils.js";
 const PROBE_HEADERS = {
   "Content-Type": "application/json",
   "Cache-Control": "no-store"
@@ -281,7 +280,10 @@ async function handleStreamableHttpRequest(req, res, transports) {
       );
       return;
     }
-    await transport.handleRequest(req, res, parsedBody);
+    await withRequestContext(
+      req,
+      async () => await transport.handleRequest(req, res, parsedBody)
+    );
   } catch (error) {
     console.error("Error handling StreamableHTTP request:", error);
     res.writeHead(500, { "Content-Type": "text/plain" });
@@ -326,10 +328,13 @@ async function handleLegacyMessageRequest(req, res, url, transports) {
   req.on("end", async () => {
     try {
       const parsedBody = JSON.parse(body);
-      await session.transport.handlePostMessage(
+      await withRequestContext(
         req,
-        res,
-        parsedBody
+        async () => await session.transport.handlePostMessage(
+          req,
+          res,
+          parsedBody
+        )
       );
     } catch (error) {
       console.error("Error handling POST message:", error);
@@ -338,118 +343,97 @@ async function handleLegacyMessageRequest(req, res, url, transports) {
     }
   });
 }
-function resolveFromRequest(req, key, prefix) {
-  const queryStringName = getQueryStringName(key, prefix);
+function getConfigValue(clientPrefix, key, req) {
+  const queryStringName = getQueryStringName(clientPrefix, key);
   const queryParams = querystring.parse(req.url?.split("?")[1] || "");
   let value = queryParams[queryStringName] || queryParams[queryStringName.toLowerCase()];
   if (typeof value === "string") {
     return value;
   }
-  const headerName = getHeaderName(key, prefix);
+  const headerName = getHeaderName(clientPrefix, key);
   value = req.headers[headerName] || req.headers[headerName.toLowerCase()];
   if (typeof value === "string") {
-    if (value.toLowerCase().startsWith("bearer ")) {
-      value = value.slice("bearer ".length);
-    } else if (value.toLowerCase().startsWith("token ")) {
-      value = value.slice("token ".length);
-    } else if (value.toLowerCase().startsWith("basic ")) {
-      value = value.slice("basic ".length);
-    }
     return value;
   }
-  const envVarName = getEnvVarName(key, prefix);
-  return process.env[envVarName];
-}
-function makeConfigFn(req) {
-  return (key, client) => resolveFromRequest(req, key, client?.configPrefix);
+  const envVarName = getEnvVarName(clientPrefix, key);
+  return process.env[envVarName] || null;
 }
 async function newServer(req, res) {
-  const configFn = makeConfigFn(req);
-  const enabledToolsets = resolveFromRequest(req, "toolsets", "smartbear") || void 0;
-  const server = new SmartBearMcpServer(configFn, enabledToolsets);
+  const enabledToolsets = getConfigValue("smartbear", "toolsets", req) || void 0;
+  const server = new SmartBearMcpServer(enabledToolsets);
   try {
-    const configuredCount = await clientRegistry.registerAll(
-      server,
-      configFn,
-      true,
-      false
+    const configuredCount = await withRequestContext(
+      req,
+      () => clientRegistry.configure(
+        server,
+        (client, key) => {
+          return getConfigValue(client.configPrefix, key, req);
+        },
+        true
+        // ignoreMissingRequiredConfigs
+      )
+    );
+    console.log(
+      `Configured ${configuredCount} clients for new server instance`
     );
     if (configuredCount === 0) {
       throw new Error(
-        "No clients successfully configured. The request headers are missing the required configuration."
+        "No clients successfully configured. Missing authentication headers."
       );
     }
-    console.log(
-      `Configured ${configuredCount} clients for new server instance`
+    const hasAuth = withRequestContext(
+      req,
+      () => server.getClients().some((client) => {
+        if (!client.getAuthToken) return true;
+        return client.getAuthToken() !== null;
+      })
     );
-    const hasNoAuth = !server.getClients().some((client) => client.hasAuth());
-    if (hasNoAuth) {
-      throw new AuthorizationError(
+    if (!hasAuth) {
+      throw new Error(
         "No clients have valid authentication credentials. Please authenticate via OAuth or provide alternative auth headers (e.g. API key or personal auth token)."
       );
     }
-    return server;
   } catch (error) {
+    const headerHelp = getHttpHeadersHelp();
+    const errorMessage = headerHelp.length > 0 ? `Configuration error: ${error instanceof Error ? error.message : String(error)}. Please provide valid headers:
+${headerHelp.join("\n")}` : "No clients support HTTP header configuration.";
     const headers = {
       "Content-Type": "text/plain"
     };
-    if (error instanceof AuthorizationError) {
-      if (req.headers.host) {
-        headers["WWW-Authenticate"] = `OAuth resource_metadata="http://${req.headers.host}/.well-known/oauth-protected-resource"`;
-      }
-      res.writeHead(401, headers);
-      res.end(error.message);
-    } else {
-      const headerHelp = getHttpHeadersHelp();
-      let errorMessage = `Configuration error: ${error instanceof Error ? error.message : String(error)}.`;
-      if (headerHelp.length > 0) {
-        errorMessage += ` Please provide valid headers:
-${headerHelp.join("\n")}`;
-      }
-      res.writeHead(500, headers);
-      res.end(errorMessage);
+    if (req.headers.host) {
+      headers["WWW-Authenticate"] = `OAuth resource_metadata="http://${req.headers.host}/.well-known/oauth-protected-resource"`;
     }
+    res.writeHead(401, headers);
+    res.end(errorMessage);
     return null;
   }
+  return server;
 }
-function getHeaderName(key, clientPrefix) {
-  const prefix = `${clientPrefix ? `${clientPrefix}-${key}` : key}`;
-  return prefix.split(/[\s\-_]/).map(
+function getHeaderName(clientPrefix, key) {
+  return `${clientPrefix}-${key.split("_").map(
     (part) => part.charAt(0).toUpperCase() + part.slice(1).toLowerCase()
-  ).join("-");
+  ).join("-")}`;
 }
-function getQueryStringName(key, clientPrefix) {
-  const prefix = `${clientPrefix ? `${clientPrefix}-${key}` : key}`;
-  return prefix.split(/[\s\-_]/).map(
-    (part, i) => i === 0 ? part.toLowerCase() : part.charAt(0).toUpperCase() + part.slice(1).toLowerCase()
-  ).join("");
+function getQueryStringName(clientPrefix, key) {
+  return `${clientPrefix.toLowerCase()}${key.split("_").map(
+    (part) => part.charAt(0).toUpperCase() + part.slice(1).toLowerCase()
+  ).join("")}`;
 }
 function getHttpHeaders() {
   const headers = /* @__PURE__ */ new Set();
-  for (const client of clientRegistry.getAll()) {
-    for (const key of [
-      ...Object.keys(client.config.shape),
-      ...Object.keys(client.authenticationFields.shape)
-    ]) {
-      headers.add(getHeaderName(key, client.configPrefix));
+  for (const entry of clientRegistry.getAll()) {
+    for (const configKey of Object.keys(entry.config.shape)) {
+      headers.add(getHeaderName(entry.configPrefix, configKey));
     }
   }
   return Array.from(headers).sort((a, b) => a.localeCompare(b));
 }
 function getHttpHeadersHelp() {
   const messages = [];
-  for (const client of clientRegistry.getAll()) {
-    messages.push(` - ${client.name}:`);
-    for (const [authKey, requirement] of Object.entries(
-      client.authenticationFields.shape
-    )) {
-      const headerName = getHeaderName(authKey, client.configPrefix);
-      messages.push(`    - ${headerName}: ${getTypeDescription(requirement)}`);
-    }
-    for (const [configKey, requirement] of Object.entries(
-      client.config.shape
-    )) {
-      const headerName = getHeaderName(configKey, client.configPrefix);
+  for (const entry of clientRegistry.getAll()) {
+    messages.push(` - ${entry.name}:`);
+    for (const [configKey, requirement] of Object.entries(entry.config.shape)) {
+      const headerName = getHeaderName(entry.configPrefix, configKey);
       const requiredTag = isOptionalType(requirement) ? " (optional)" : " (required)";
       messages.push(
         `    - ${headerName}${requiredTag}: ${getTypeDescription(requirement)}`
@@ -459,7 +443,6 @@ function getHttpHeadersHelp() {
   return messages;
 }
 export {
-  AuthorizationError,
   drainHttpTransport,
   getBaseUrl,
   getHeaderName,

package/dist/common/transport-stdio.js

@@ -1,20 +1,19 @@
 import { enableCompileCache } from "node:module";
 import { StdioServerTransport } from "@modelcontextprotocol/sdk/server/stdio.js";
 import { clientRegistry } from "./client-registry.js";
-import { MCP_SERVER_NAME, MCP_SERVER_VERSION } from "./info.js";
+import { USER_AGENT } from "./info.js";
 import { SmartBearMcpServer } from "./server.js";
 import { registerShutdownHandler } from "./shutdown.js";
-import { getTypeDescription } from "./zod-utils.js";
-function getConfigMessage() {
+import { isOptionalType, getTypeDescription } from "./zod-utils.js";
+function getNoConfigMessage() {
   const messages = [];
-  for (const client of clientRegistry.getAll()) {
-    messages.push(` - ${client.name}:`);
-    for (const [configKey, requirement] of [
-      ...Object.entries(client.authenticationFields.shape),
-      ...Object.entries(client.config.shape)
-    ]) {
+  for (const entry of clientRegistry.getAll()) {
+    messages.push(` - ${entry.name}:`);
+    for (const [configKey, requirement] of Object.entries(entry.config.shape)) {
+      const envVarName = getEnvVarName(entry.configPrefix, configKey);
+      const requiredTag = isOptionalType(requirement) ? " (optional)" : " (required)";
       messages.push(
-        `    - ${getEnvVarName(configKey, client.configPrefix)}: ${getTypeDescription(requirement)}`
+        `    - ${envVarName}${requiredTag}: ${getTypeDescription(requirement)}`
       );
     }
   }
@@ -22,34 +21,33 @@ function getConfigMessage() {
 }
 async function runStdioMode() {
   if (process.argv.includes("--version")) {
-    console.log(`${MCP_SERVER_NAME}: v${MCP_SERVER_VERSION}`);
+    console.log(`User-Agent: ${USER_AGENT}`);
     process.exit(0);
   } else if (process.argv.includes("--help")) {
     console.log(
       "The following environment variables can be set to configure each of the SmartBear clients:"
     );
-    console.log(getConfigMessage().join("\n"));
+    console.log(getNoConfigMessage().join("\n"));
     process.exit(0);
   }
   enableCompileCache();
-  const configFn = (key, client) => {
-    const envVarName = getEnvVarName(key, client?.configPrefix);
-    return process.env[envVarName];
-  };
-  const server = new SmartBearMcpServer(configFn, process.env.MCP_TOOLSETS);
-  const addedCount = await clientRegistry.registerAll(
+  const server = new SmartBearMcpServer(process.env.MCP_TOOLSETS);
+  const configuredCount = await clientRegistry.configure(
     server,
-    configFn,
-    true,
-    true
+    (client, key) => {
+      const envVarName = getEnvVarName(client.configPrefix, key);
+      return process.env[envVarName] || null;
+    }
   );
-  if (addedCount === 0) {
-    const message = getConfigMessage();
+  if (configuredCount === 0) {
+    const message = getNoConfigMessage();
     console.warn(
-      `No clients configured. Please provide valid environment variables for at least one client:
-${message.join("\n")}`
+      message.length > 0 ? `No clients configured. Please provide valid environment variables for at least one client:
+${message.join("\n")}` : "No clients support environment variable configuration."
     );
-    await clientRegistry.registerAll(server, configFn, false, false);
+    for (const entry of clientRegistry.getAll()) {
+      await server.addClient(entry);
+    }
   }
   const transport = new StdioServerTransport();
   registerShutdownHandler("stdio-transport", async () => {
@@ -74,9 +72,8 @@ ${message.join("\n")}`
   };
   await server.connect(transport);
 }
-function getEnvVarName(key, clientPrefix) {
-  const prefix = `${clientPrefix ? `${clientPrefix}-${key}` : key}`.toUpperCase();
-  return prefix.replace(/[\s\-_]/g, "_");
+function getEnvVarName(clientPrefix, key) {
+  return `${clientPrefix.toUpperCase().replace(/-/g, "_")}_${key.toUpperCase()}`;
 }
 export {
   getEnvVarName,

package/dist/package.json.js

@@ -1,4 +1,4 @@
-const version = "0.25.0";
+const version = "0.26.0";
 const config = { "mcpServerName": "SmartBear MCP Server" };
 const packageJson = {
   version,

package/dist/pactflow/client.js

@@ -1,26 +1,27 @@
 import zod__default from "zod";
-import { MCP_SERVER_NAME, MCP_SERVER_VERSION } from "../common/info.js";
+import { USER_AGENT } from "../common/info.js";
 import { isSamplingPolyfillResult } from "../common/pollyfills.js";
+import { getRequestHeader } from "../common/request-context.js";
 import { ToolError } from "../common/tools.js";
 import { getOADMatcherRecommendations, getUserMatcherSelection } from "./client/prompt-utils.js";
 import { PROMPTS } from "./client/prompts.js";
 import { TOOLS } from "./client/tools.js";
 const ConfigurationSchema = zod__default.object({
-  base_url: zod__default.url().describe("Pact Broker or PactFlow base URL")
-});
-const AuthenticationSchema = zod__default.object({
-  username: zod__default.string().describe("Username for Pact Broker").optional(),
-  password: zod__default.string().describe("Password for Pact Broker").optional(),
-  token: zod__default.string().describe(
+  base_url: zod__default.url().describe("Pact Broker or PactFlow base URL"),
+  token: zod__default.string().optional().describe(
     "Bearer token for PactFlow authentication (use this OR username/password)"
-  ).optional()
+  ),
+  username: zod__default.string().optional().describe("Username for Pact Broker"),
+  password: zod__default.string().optional().describe("Password for Pact Broker")
 });
 class PactflowClient {
   name = "Contract Testing";
   capabilityPrefix = "contract-testing";
   configPrefix = "Pact-Broker";
   config = ConfigurationSchema;
-  authenticationFields = AuthenticationSchema;
+  token;
+  username;
+  password;
   aiBaseUrl;
   baseUrl;
   _clientType;
@@ -31,7 +32,7 @@ class PactflowClient {
     return this._server;
   }
   /**
-   * Initializes the client with auth credentials and the MCP server reference.
+   * Initialises the client with auth credentials and the MCP server reference.
    * Accepts either a Bearer token (PactFlow) or username/password (Pact Broker).
    * Does nothing if neither is supplied.
    *
@@ -39,21 +40,23 @@ class PactflowClient {
    * @param config - Connection config (base_url + token OR username/password).
    */
   async configure(server, config) {
-    this._server = server;
-    if (this._server.getEnv("username", this) && this._server.getEnv("password", this)) {
+    this.token = config.token;
+    this.username = config.username;
+    this.password = config.password;
+    if (typeof config.token === "string") {
+      this._clientType = "pactflow";
+    } else if (typeof config.username === "string" && typeof config.password === "string") {
       this._clientType = "pact_broker";
     } else {
       this._clientType = "pactflow";
     }
     this.baseUrl = config.base_url;
     this.aiBaseUrl = `${this.baseUrl}/api/ai`;
+    this._server = server;
   }
   /** Returns true if the client has been configured with a base URL and credentials. */
   isConfigured() {
-    return !!this._server;
-  }
-  hasAuth() {
-    return this.isConfigured() && !!this.requestHeaders;
+    return this.baseUrl !== void 0;
   }
   // PactFlow AI client methods
   /**
@@ -163,28 +166,38 @@ class PactflowClient {
   }
   /** Returns the current auth/content-type headers used for all requests. */
   get requestHeaders() {
-    const token = this.server?.getEnv("token", this) || this.server?.getEnv("Authorization");
-    if (token) {
-      let authHeader = token;
-      if (!token.startsWith("Basic ") && !token.startsWith("Bearer ")) {
-        authHeader = `Bearer ${token}`;
+    let contextToken = getRequestHeader("Pact-Token") || getRequestHeader("Authorization");
+    if (Array.isArray(contextToken)) {
+      contextToken = contextToken[0];
+    }
+    if (contextToken) {
+      let authHeader = contextToken;
+      if (!contextToken.startsWith("Basic ") && !contextToken.startsWith("Bearer ")) {
+        authHeader = `Bearer ${contextToken}`;
       }
       return {
         Authorization: authHeader,
         "Content-Type": "application/json",
-        "User-Agent": `${MCP_SERVER_NAME}/${MCP_SERVER_VERSION}`
+        "User-Agent": USER_AGENT
       };
-    } else {
-      const username = this.server?.getEnv("username", this);
-      const password = this.server?.getEnv("password", this);
-      if (username && password) {
-        const authString = `${username}:${password}`;
-        return {
-          Authorization: `Basic ${Buffer.from(authString).toString("base64")}`,
-          "Content-Type": "application/json",
-          "User-Agent": `${MCP_SERVER_NAME}/${MCP_SERVER_VERSION}`
-        };
+    }
+    if (this.token) {
+      let authHeader = this.token;
+      if (!authHeader.startsWith("Basic ") && !authHeader.startsWith("Bearer ")) {
+        authHeader = `Bearer ${authHeader}`;
       }
+      return {
+        Authorization: authHeader,
+        "Content-Type": "application/json",
+        "User-Agent": USER_AGENT
+      };
+    } else if (this.username && this.password) {
+      const authString = `${this.username}:${this.password}`;
+      return {
+        Authorization: `Basic ${Buffer.from(authString).toString("base64")}`,
+        "Content-Type": "application/json",
+        "User-Agent": USER_AGENT
+      };
     }
     return void 0;
   }

package/dist/qmetry/client/api/client-api.js

@@ -1,4 +1,4 @@
-import { MCP_SERVER_NAME, MCP_SERVER_VERSION } from "../../../common/info.js";
+import { USER_AGENT } from "../../../common/info.js";
 import { QMETRY_DEFAULTS } from "../../config/constants.js";
 import { handleQMetryFetchError, handleQMetryApiError } from "./error-handler.js";
 async function qmetryRequest({
@@ -13,7 +13,7 @@ async function qmetryRequest({
   const headers = {
     apikey: token,
     project: project || QMETRY_DEFAULTS.PROJECT_KEY,
-    "User-Agent": `${MCP_SERVER_NAME}/${MCP_SERVER_VERSION}`,
+    "User-Agent": USER_AGENT,
     "qmetry-source": "smartbear-mcp"
   };
   if (body) {

package/dist/qmetry/client/automation.js

@@ -1,4 +1,4 @@
-import { MCP_SERVER_NAME, MCP_SERVER_VERSION } from "../../common/info.js";
+import { USER_AGENT } from "../../common/info.js";
 import { QMETRY_DEFAULTS } from "../config/constants.js";
 import { QMETRY_PATHS } from "../config/rest-endpoints.js";
 import { DEFAULT_IMPORT_AUTOMATION_PAYLOAD } from "../types/automation.js";
@@ -91,7 +91,7 @@ async function importAutomationResults(token, baseUrl, project, payload) {
   const headers = {
     apikey: token,
     project: finalPayload.projectID || project || QMETRY_DEFAULTS.PROJECT_KEY,
-    "User-Agent": `${MCP_SERVER_NAME}/${MCP_SERVER_VERSION}`,
+    "User-Agent": USER_AGENT,
     "qmetry-source": "smartbear-mcp"
     // Note: Content-Type will be set automatically by fetch for FormData
   };

package/dist/qmetry/client.js

@@ -1,45 +1,43 @@
 import zod__default from "zod";
+import { getRequestHeader } from "../common/request-context.js";
 import { findAutoResolveConfig, autoResolveViewIdAndFolderPath } from "./client/auto-resolve.js";
 import { QMETRY_HANDLER_MAP } from "./client/handlers.js";
 import { getProjectInfo } from "./client/project.js";
 import { TOOLS } from "./client/tools/index.js";
 import { QMETRY_DEFAULTS } from "./config/constants.js";
 const ConfigurationSchema = zod__default.object({
+  api_key: zod__default.string().describe("QMetry API key for authentication"),
   base_url: zod__default.string().url().optional().describe(
     "Optional QMetry base URL for custom or region-specific endpoints"
   )
 });
-const AuthenticationSchema = zod__default.object({
-  api_key: zod__default.string().describe("QMetry API key for authentication").optional()
-});
 class QmetryClient {
   name = "QMetry";
   capabilityPrefix = "qmetry";
   configPrefix = "Qmetry";
   config = ConfigurationSchema;
-  authenticationFields = AuthenticationSchema;
+  token;
   projectApiKey = QMETRY_DEFAULTS.PROJECT_KEY;
   endpoint = QMETRY_DEFAULTS.BASE_URL;
-  server;
-  async configure(server, config) {
-    this.server = server;
+  async configure(_server, config, _cache) {
+    this.token = config.api_key;
     if (config.base_url) {
       this.endpoint = config.base_url;
     }
   }
   isConfigured() {
-    return !!this.server;
-  }
-  hasAuth() {
-    return this.isConfigured() && !!this.getAuthToken();
-  }
-  getAuthToken() {
-    return this.server?.getEnv("api_key", this);
+    return true;
   }
-  getAuthTokenOrThrow() {
-    const token = this.getAuthToken();
-    if (!token) throw new Error("Client not configured");
-    return token;
+  getToken() {
+    let contextToken = getRequestHeader("Qmetry-Token") || getRequestHeader("apikey");
+    if (Array.isArray(contextToken)) {
+      contextToken = contextToken[0];
+    }
+    if (contextToken) {
+      return contextToken;
+    }
+    if (!this.token) throw new Error("Client not configured");
+    return this.token;
   }
   getBaseUrl() {
     return this.endpoint;
@@ -86,7 +84,7 @@ class QmetryClient {
               let projectInfo;
               try {
                 projectInfo = await getProjectInfo(
-                  this.getAuthTokenOrThrow(),
+                  this.getToken(),
                   baseUrl,
                   projectKey
                 );
@@ -107,7 +105,7 @@ class QmetryClient {
           }
           const { projectKey: _, baseUrl: __, ...cleanArgs } = a;
           const result = await handlerFn(
-            this.getAuthTokenOrThrow(),
+            this.getToken(),
             baseUrl,
             projectKey,
             cleanArgs

package/dist/qtm4j/client.js

@@ -1,21 +1,20 @@
 import zod__default from "zod";
+import { getRequestHeader } from "../common/request-context.js";
 import { CONFIG_KEYS, API_CONFIG, SCHEMA_DESCRIPTIONS, CLIENT_CONFIG, ERROR_MESSAGES } from "./config/constants.js";
 import { ApiClient } from "./http/api-client.js";
 import { ResolverRegistry } from "./resolver/resolver-registry.js";
 const ConfigurationSchema = zod__default.object({
+  [CONFIG_KEYS.API_KEY]: zod__default.string().describe(SCHEMA_DESCRIPTIONS.API_KEY),
+  [CONFIG_KEYS.AUTOMATION_API_KEY]: zod__default.string().optional().describe(SCHEMA_DESCRIPTIONS.AUTOMATION_API_KEY),
   [CONFIG_KEYS.BASE_URL]: zod__default.string().url().optional().default(API_CONFIG.DEFAULT_BASE_URL).describe(SCHEMA_DESCRIPTIONS.BASE_URL)
 });
-const AuthenticationSchema = zod__default.object({
-  api_key: zod__default.string().describe(SCHEMA_DESCRIPTIONS.API_KEY).optional(),
-  automation_api_key: zod__default.string().describe(SCHEMA_DESCRIPTIONS.AUTOMATION_API_KEY).optional()
-});
 class Qtm4jClient {
   name = CLIENT_CONFIG.NAME;
   capabilityPrefix = CLIENT_CONFIG.TOOL_PREFIX;
   configPrefix = CLIENT_CONFIG.CONFIG_PREFIX;
   config = ConfigurationSchema;
-  authenticationFields = AuthenticationSchema;
-  server;
+  _apiKey;
+  _automationApiKey;
   baseUrl = API_CONFIG.DEFAULT_BASE_URL;
   apiClient;
   resolverRegistry;
@@ -25,7 +24,8 @@ class Qtm4jClient {
    * @param config - Configuration object containing API key and optional base URL
    */
   async configure(server, config) {
-    this.server = server;
+    this._apiKey = config[CONFIG_KEYS.API_KEY];
+    this._automationApiKey = config[CONFIG_KEYS.AUTOMATION_API_KEY];
     if (config[CONFIG_KEYS.BASE_URL]) {
       this.baseUrl = config[CONFIG_KEYS.BASE_URL];
     }
@@ -40,20 +40,34 @@ class Qtm4jClient {
     );
   }
   /**
-   * Check if the client is properly configured
-   * @returns true if API key is set and client is ready
+   * Get authentication token with request-scoped override support
+   * Checks request headers first, then falls back to configured API key
+   * @returns API key or null if not found
    */
-  isConfigured() {
-    return !!this.apiClient;
-  }
-  hasAuth() {
-    return this.isConfigured() && !!this.getAuthToken();
-  }
   getAuthToken() {
-    return this.server?.getEnv(CONFIG_KEYS.API_KEY, this) || this.server?.getEnv("Authorization") || null;
+    const contextHeader = getRequestHeader("Qtm4j-Api-Key") || getRequestHeader("apiKey") || getRequestHeader("Authorization");
+    if (contextHeader) {
+      let token = Array.isArray(contextHeader) ? contextHeader[0] : contextHeader;
+      if (token.startsWith("Bearer ")) {
+        token = token.substring(7);
+      }
+      return token;
+    }
+    return this._apiKey || null;
   }
   getAutomationApiKey() {
-    return this.server?.getEnv(CONFIG_KEYS.AUTOMATION_API_KEY, this) || null;
+    const headerKey = getRequestHeader("Qtm4j-Automation-Api-Key");
+    if (headerKey) {
+      return Array.isArray(headerKey) ? headerKey[0] : headerKey;
+    }
+    return this._automationApiKey || null;
+  }
+  /**
+   * Check if the client is properly configured
+   * @returns true if API key is set and client is ready
+   */
+  isConfigured() {
+    return this.apiClient !== void 0;
   }
   /**
    * Get the configured API client instance

package/dist/qtm4j/http/auth-service.js

@@ -1,4 +1,4 @@
-import { MCP_SERVER_NAME, MCP_SERVER_VERSION } from "../../common/info.js";
+import { USER_AGENT } from "../../common/info.js";
 import { CONTENT_TYPES, HTTP_HEADERS } from "../config/constants.js";
 class AuthService {
   apiKey;
@@ -13,7 +13,7 @@ class AuthService {
     return {
       [HTTP_HEADERS.API_KEY]: this.apiKey,
       [HTTP_HEADERS.CONTENT_TYPE]: CONTENT_TYPES.JSON,
-      [HTTP_HEADERS.USER_AGENT]: `${MCP_SERVER_NAME}/${MCP_SERVER_VERSION}`,
+      [HTTP_HEADERS.USER_AGENT]: USER_AGENT,
       [HTTP_HEADERS.ACCEPT]: CONTENT_TYPES.JSON
     };
   }