Skip to content

Executor MCP Secret Resolution fails, but call works #212

Open
Open
Executor MCP Secret Resolution fails, but call works#212
@fheinonen

Description

@fheinonen
fheinonen
opened on Apr 12, 2026

Executor MCP Secret Resolution Bug

On Ubuntu 25.10, executor resolves a secret-backed OpenAPI authorization header correctly when invoked with executor call, but fails to resolve the same secret when the same workspace is used through Codex over MCP.

Codex Executor Config

.codex/config.toml

[mcp_servers.executor]
command = "executor"
args = [ "mcp" ]

Workspace Executor Config

executor.jsonc

{
  "sources": [
    {
      "kind": "openapi",
      "spec": "https://raw.githubusercontent.com/github/rest-api-description/main/descriptions/api.github.com/api.github.com.json",
      "baseUrl": "https://api.github.com",
      "namespace": "github_v3_rest_api",
      "headers": {
        "Authorization": {
          "value": "secret-public-ref:github_token",
          "prefix": "Bearer "
        }
      }
    }
  ]
}

Test Case

The same operation is executed in the same workspace using the same configured secret:

  • Secret id: github_token
  • Operation: github_v3_rest_api.actions.getRepoPublicKey

Observed Behavior

Works with executor call

executor call resolves the secret correctly and the request succeeds.

Fails through Codex over MCP

The same request through Codex using the MCP-backed executor fails with:

ToolInvocationError: Failed to resolve secret "github_token" for header "Authorization"

Expected Behavior

Codex using executor over MCP should resolve the same configured secret the same way executor call does.

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions