
Exposing Bedrock AgentCore MCP runtime for external MCP client access

0

Hi, I have deployed an MCP server (using FastMCP) within an Amazon Bedrock AgentCore runtime. The server works as expected when tested through the AgentCore sandbox. However, I’m trying to determine whether there is a supported way to allow external MCP clients (e.g., Cline, Cursor, Claude Desktop) to connect directly to this runtime over the MCP protocol.

What I’m trying to achieve:

Enable external MCP clients to communicate directly with the MCP server running inside AgentCore, rather than only interacting with it through AgentCore sandbox.

What I’ve tried so far:

  • Attempted to associate the deployed AgentCore runtime with a Gateway to obtain a public endpoint
  • Tried constructing a direct URL using the runtime ID / ARN

Thank you for your help, Logan

  • Is your server running in stateless or stateful mode (stateless_http=True/False)? Also, what auth provider did you use: Cognito, Auth0, or none?

2 Answers
5

The error you are seeing, "Incompatible auth server: does not support dynamic client registration", is a known friction point when connecting local MCP clients (like Cline or Cursor) to AWS-hosted runtimes.

The Root Cause:

Most desktop MCP clients (Cline, Cursor, Claude Desktop) implementing the MCP Over HTTP spec expect the server to support the full MCP OAuth flow, which often includes RFC 7591 (Dynamic Client Registration -> https://datatracker.ietf.org/doc/html/rfc7591 ). Amazon Cognito, which typically backs Bedrock AgentCore, does not support Dynamic Client Registration. When the client attempts to "handshake" with the auth server provided in your metadata and fails to find the registration endpoint, it throws that error.

The Solution:

To bypass this, you must treat the AgentCore runtime as a protected API and provide the credential directly via headers, rather than letting the MCP client attempt to negotiate the OAuth flow itself.

1. Manually Retrieve your Bearer Token

Since the client can't register itself, you need to obtain an access_token via the AWS CLI or an SDK using your configured Cognito User Pool.

# Prints AuthenticationResult.AccessToken, the value to send as the Bearer token.
# The token expires after AuthenticationResult.ExpiresIn seconds.
aws cognito-idp initiate-auth \
  --auth-flow USER_PASSWORD_AUTH \
  --client-id <YOUR_COGNITO_CLIENT_ID> \
  --auth-parameters USERNAME=<YOUR_USER>,PASSWORD=<YOUR_PASSWORD> \
  --query 'AuthenticationResult.AccessToken' --output text

Note: Ensure the Client ID used here has ALLOW_USER_PASSWORD_AUTH enabled.

2. Manual Configuration in Cline/Cursor

Instead of using the UI's "OAuth" setup (which triggers the discovery flow), edit your mcp_settings.json (for Cline) or the MCP settings in Cursor directly to inject the header manually:

{
  "mcpServers": {
    "my-bedrock-agentcore": {
      "type": "http",
      "url": "https://bedrock-agentcore.{region}.amazonaws.com/runtimes/{ENCODED_ARN}/invocations?qualifier=DEFAULT",
      "headers": {
        "Authorization": "Bearer <YOUR_ACCESS_TOKEN>"
      }
    }
  }
}

PS: Please have the following in mind:

  • Token Expiry: Cognito tokens are short-lived (typically 1 hour). For a persistent development environment, you may want to use a local shell script as a "wrapper" that refreshes the token and updates an environment variable used in your settings.
  • Public Access: Ensure your agentcore.json deployment configuration has networkMode set to PUBLIC.
  • Encoded ARN: Double-check that your Runtime ARN is correctly URL-encoded (e.g., : becomes %3A and / becomes %2F) in the endpoint URL.
EXPERT
answered a month ago
  • I actually have been editing the mcp_settings.json, and that is when I got that error. This must be an issue with how I am going about configuring my Cognito User Pool. I will look more into this, thank you.

  • This is my new continuing error: {"jsonrpc":"2.0","error":{"code":-32001,"message":"Claim 'aud' value mismatch with configuration."},"id":"null"}

    Is this related to how I deployed the MCP server?

    During setup, I set the OAuth “audience” in AWS to the Client ID. However, the Bearer token I’m using does not contain an aud claim, only a client_id.

    It seems like the issue is that AgentCore expects an aud value in the token, but Cognito is issuing a token that doesn’t include it.
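The "Claim 'aud' value mismatch" exchange above comes down to which claim the token actually carries. The following diagnostic is an added example, not code from the original thread or from AWS: it decodes a JWT payload (without verifying the signature, so it is for inspection only) and reports whether the token has an `aud` claim or only a `client_id`. The sample tokens are constructed inline with a placeholder signature, laid out the way Cognito issues them (access token: `client_id` and `token_use=access`; ID token: `aud` and `token_use=id`). The remedy wording assumes the runtime's authorizer can be configured to check a client ID rather than an audience; the page itself does not say which setting that is.

```python
"""Added diagnostic (not from the original thread): inspect JWT claims to explain
an 'aud' mismatch. No signature verification is performed here."""
import base64
import json


def _b64url_decode(segment: str) -> bytes:
    """JWT segments drop base64 padding; restore it before decoding."""
    return base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4))


def jwt_claims(token: str) -> dict:
    """Return the payload claims of a compact JWS. Does NOT verify the signature."""
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("not a compact JWS (expected header.payload.signature)")
    return json.loads(_b64url_decode(parts[1]))


def diagnose_audience(claims: dict, configured_audience: str):
    """Mimic an authorizer configured with an expected audience.
    Returns (ok, explanation)."""
    aud = claims.get("aud")
    audiences = aud if isinstance(aud, list) else ([aud] if aud else [])
    if configured_audience in audiences:
        return True, f"aud contains {configured_audience!r}"
    if audiences:
        return False, f"aud {audiences} does not contain {configured_audience!r}"
    if "client_id" in claims:
        return False, (
            f"no aud claim; this is a {claims.get('token_use', '?')} token for client_id "
            f"{claims['client_id']!r}, so an audience check can never pass. Either validate "
            "client_id instead of aud (assumption: the authorizer supports that) or present "
            "the token type that carries aud.")
    return False, "token has neither aud nor client_id"


def make_unsigned_jwt(claims: dict) -> str:
    """Constructed test fixture only: a JWT-shaped string with a placeholder signature."""
    def enc(obj):
        return base64.urlsafe_b64encode(json.dumps(obj).encode()).rstrip(b"=").decode()
    return f"{enc({'alg': 'RS256', 'kid': 'demo'})}.{enc(claims)}.sig-placeholder"


CLIENT_ID = "1example23456789"  # constructed, not a real app client ID
ACCESS_TOKEN = make_unsigned_jwt({"sub": "user-1", "client_id": CLIENT_ID,
                                  "token_use": "access", "scope": "aws.cognito.signin.user.admin"})
ID_TOKEN = make_unsigned_jwt({"sub": "user-1", "aud": CLIENT_ID, "token_use": "id"})

if __name__ == "__main__":
    for name, tok in (("access token", ACCESS_TOKEN), ("id token", ID_TOKEN)):
        ok, why = diagnose_audience(jwt_claims(tok), CLIENT_ID)
        print(f"{name}: {'OK' if ok else 'MISMATCH'}: {why}")
```

Run it against a real token by replacing `ACCESS_TOKEN` with the value returned by `initiate-auth`; if the explanation says there is no `aud` claim, the authorizer configuration, not the deployment, is what needs to change.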

2

The documentation for this is mostly covered in https://docs.aws.amazon.com/bedrock-agentcore/latest/devguide/runtime-mcp.html and specifically in the fourth step.

The first thing you need to ensure is that you're deploying your AgentCore runtime in public mode (this should be the default, but check anyway). That would mean having something like

{
  "networkConfiguration": {
    "networkMode": "PUBLIC"
  }
}

in your agentcore.json (as opposed to VPC mode).

Then:

  1. Get your runtime ARN from the agentcore deploy output
  2. URL-encode the ARN: replace : with %3A and / with %2F
  3. Construct the URL: https://bedrock-agentcore.{region}.amazonaws.com/runtimes/{ENCODED_ARN}/invocations?qualifier=DEFAULT
  4. Obtain a Bearer token from your configured OAuth provider (Cognito, Auth0, etc.)
  5. Configure your MCP client with the URL and authorization: Bearer {token} header
  6. Ensure your client supports Streamable HTTP transport (most modern MCP clients do)

The endpoint is a standard HTTPS URL that speaks MCP Streamable HTTP — any compliant MCP client can connect to it directly without needing a Gateway intermediary.

AWS
answered a month ago
EXPERT
reviewed a month ago
  • Thank you for the response. I tried this approach and wanted to test in Cline. I kept getting the error "Incompatible auth server: does not support dynamic client registration"

    What MCP client would you expect to work? Cline does support HTTP transport.
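Both answers describe the same procedure: encode the runtime ARN into the invocation URL, obtain a token out of band, and send it as a Bearer header to an endpoint that speaks MCP Streamable HTTP. The script below is an added example, not code from the original thread or from AWS, that carries the six steps through in the stdlib. Assumptions not stated on the page: the HTTP transport is injectable so the flow can be exercised offline; Cognito is called through its JSON API (the same InitiateAuth call the `aws cognito-idp initiate-auth` command in the first answer makes); the MCP protocol version string and the client name are placeholders; the environment variable names in the `__main__` block are made up for this example.

```python
"""Added example (not from the original thread or from AWS): connect to an
AgentCore MCP runtime over Streamable HTTP with a pre-obtained Bearer token."""
import json
import urllib.error
import urllib.parse
import urllib.request

MCP_PROTOCOL_VERSION = "2025-03-26"  # assumption: a Streamable-HTTP-capable spec revision


def runtime_invocation_url(region: str, runtime_arn: str, qualifier: str = "DEFAULT") -> str:
    """Steps 2-3 of the answer: percent-encode the whole ARN (':' -> %3A, '/' -> %2F)
    and place it in the invocation path; safe='' forces '/' to be encoded as well."""
    encoded = urllib.parse.quote(runtime_arn, safe="")
    return (f"https://bedrock-agentcore.{region}.amazonaws.com/runtimes/"
            f"{encoded}/invocations?qualifier={qualifier}")


def _urllib_transport(url, headers, body):
    """POST and return (status, headers, body); HTTP error statuses are returned, not raised."""
    req = urllib.request.Request(url, data=body, headers=headers, method="POST")
    try:
        with urllib.request.urlopen(req, timeout=30) as resp:
            return resp.status, dict(resp.getheaders()), resp.read()
    except urllib.error.HTTPError as err:
        return err.code, dict(err.headers.items()), err.read()


def cognito_access_token(region, client_id, username, password, transport=_urllib_transport):
    """Step 4: USER_PASSWORD_AUTH via the Cognito JSON API (the app client must allow it).
    Returns the *access* token, which carries `client_id` rather than an `aud` claim."""
    status, _, body = transport(
        f"https://cognito-idp.{region}.amazonaws.com/",
        {"Content-Type": "application/x-amz-json-1.1",
         "X-Amz-Target": "AWSCognitoIdentityProviderService.InitiateAuth"},
        json.dumps({"AuthFlow": "USER_PASSWORD_AUTH", "ClientId": client_id,
                    "AuthParameters": {"USERNAME": username, "PASSWORD": password}}).encode())
    if status != 200:
        raise RuntimeError(f"InitiateAuth failed with HTTP {status}: {body[:200]!r}")
    return json.loads(body)["AuthenticationResult"]["AccessToken"]


def mcp_headers(token, session_id=None):
    """Step 5: no OAuth negotiation by the client; the token is sent directly."""
    headers = {"Authorization": f"Bearer {token}",
               "Content-Type": "application/json",
               "Accept": "application/json, text/event-stream"}
    if session_id:
        headers["Mcp-Session-Id"] = session_id
    return headers


def parse_mcp_messages(content_type, body):
    """Step 6: Streamable HTTP may answer with one JSON document or an SSE stream;
    return the JSON-RPC messages either way."""
    text = body.decode()
    if content_type.lower().startswith("text/event-stream"):
        return [json.loads(line[5:].strip()) for line in text.splitlines()
                if line.startswith("data:")]
    return [json.loads(text)] if text.strip() else []


def mcp_initialize(url, token, transport=_urllib_transport):
    """Send the MCP `initialize` request; returns (result, session_id)."""
    request = {"jsonrpc": "2.0", "id": 1, "method": "initialize",
               "params": {"protocolVersion": MCP_PROTOCOL_VERSION, "capabilities": {},
                          "clientInfo": {"name": "agentcore-probe", "version": "0.1"}}}
    status, headers, body = transport(url, mcp_headers(token), json.dumps(request).encode())
    lower = {k.lower(): v for k, v in headers.items()}
    if status in (401, 403):
        # Expired token, missing token, or an authorizer/claim mismatch such as the
        # "Claim 'aud' value mismatch" error discussed in the thread.
        raise PermissionError(f"runtime rejected the token (HTTP {status}): {body[:300]!r}")
    if status != 200:
        raise RuntimeError(f"unexpected HTTP {status}: {body[:300]!r}")
    reply = next(m for m in parse_mcp_messages(lower.get("content-type", ""), body)
                 if m.get("id") == 1)
    if "error" in reply:
        raise RuntimeError(f"JSON-RPC error {reply['error']['code']}: {reply['error']['message']}")
    return reply["result"], lower.get("mcp-session-id")


if __name__ == "__main__":  # live run; the environment variable names are placeholders
    import os
    url = runtime_invocation_url(os.environ["AWS_REGION"], os.environ["AGENTCORE_RUNTIME_ARN"])
    token = cognito_access_token(os.environ["AWS_REGION"], os.environ["COGNITO_CLIENT_ID"],
                                 os.environ["COGNITO_USER"], os.environ["COGNITO_PASSWORD"])
    result, session = mcp_initialize(url, token)
    print(result.get("serverInfo"), "session:", session)
```

Because the token is fetched fresh on every run, this script doubles as the "wrapper that refreshes the token" suggested in the first answer; a `PermissionError` here, with the response body included, is the quickest way to tell an expired token from an authorizer configuration problem.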
