Fix MCP initialize response to follow specification

- Remove sessionId field from initialize response body (not in MCP spec) - Set Mcp-Session-Id header in initialize response using visit ID - Maintain proper header setting for other methods that return sessionId - Ensure MCP protocol compliance for initialization flow

Fix MCP initialize response to follow specification
- Remove sessionId field from initialize response body (not in MCP spec) - Set Mcp-Session-Id header in initialize response using visit ID - Maintain proper header setting for other methods that return sessionId - Ensure MCP protocol compliance for initialization flow
Ean Schuessler
Showing 2 changed files with 8 additions and 5 deletions
service/McpServices.xml
src/main/groovy/org/moqui/mcp/EnhancedMcpServlet.groovy
--- a/service/McpServices.xml
View file @0f3c1f6
+++ b/service/McpServices.xml
View file @0f3c1f6
@@ -107,8 +107,7 @@
                    protocolVersion: "2025-06-18",
                    capabilities: serverCapabilities,
                    serverInfo: serverInfo,
-                    instructions: "This server provides access to Moqui ERP through MCP. For common business queries: Use screen_PopCommerce_screen_PopCommerceAdmin.Catalog for product catalog, screen_PopCommerce_screen_PopCommerceAdmin_Order.FindOrder for order status, screen_PopCommerce_screen_PopCommerceRoot.Customer for customer management, and screen_PopCommerce_screen_PopCommerceAdmin.QuickSearch for general searches. All screens support parameterized queries for filtering results.",
+                    instructions: "This server provides access to Moqui ERP through MCP. For common business queries: Use screen_PopCommerce_screen_PopCommerceAdmin.Catalog for product catalog, screen_PopCommerce_screen_PopCommerceAdmin_Order.FindOrder for order status, screen_PopCommerce_screen_PopCommerceRoot.Customer for customer management, and screen_PopCommerce_screen_PopCommerceAdmin.QuickSearch for general searches. All screens support parameterized queries for filtering results."
-                    sessionId: visit.visitId
                ]
                ec.logger.info("MCP Initialize for user ${userId} (session ${sessionId}): capabilities negotiated")
--- a/src/main/groovy/org/moqui/mcp/EnhancedMcpServlet.groovy
View file @0f3c1f6
+++ b/src/main/groovy/org/moqui/mcp/EnhancedMcpServlet.groovy
View file @0f3c1f6
@@ -812,8 +812,11 @@ logger.info("Handling Enhanced SSE connection from ${request.remoteAddr}")
        }
        // Set Mcp-Session-Id header BEFORE any response data (per MCP 2025-06-18 spec)
-        if (result?.sessionId) {
+        // For initialize method, always use sessionId we have (from visit or header)
-            response.setHeader("Mcp-Session-Id", result.sessionId)
+        if (rpcRequest.method == "initialize" && sessionId) {
+            response.setHeader("Mcp-Session-Id", sessionId.toString())
+        } else if (result?.sessionId) {
+            response.setHeader("Mcp-Session-Id", result.sessionId.toString())
        }
        // Build JSON-RPC response for regular requests
@@ -868,7 +871,8 @@ logger.info("Handling Enhanced SSE connection from ${request.remoteAddr}")
                    }
                    params.actualUserId = ec.user.userId
                    logger.info("Initialize - actualUserId: ${params.actualUserId}, sessionId: ${params.sessionId}")
-                    return callMcpService("mcp#Initialize", params, ec)
+                    def serviceResult = callMcpService("mcp#Initialize", params, ec)
+                    return serviceResult
                case "ping":
                    // Simple ping for testing - bypass service for now
                    return [pong: System.currentTimeMillis(), sessionId: visit?.visitId, user: ec.user.username]