Stores behind HTTP basic auth

If your store is protected with HTTP basic authentication (.htpasswd), AI clients will not be able to connect. Basic auth credentials and OAuth bearer tokens both travel in the Authorization header, and an AI client sends only its OAuth token, so the web server answers 401 before the request ever reaches the MCP server.

The MCP server endpoint and OAuth endpoints must be accessible for the AI client to register, authenticate, and make tool calls.

There are two approaches to solve this, depending on your security requirements.

Solution 1: Exclude MCP endpoints from HTTP basic auth

Exclude the MCP and OAuth endpoints from HTTP basic auth in your web server configuration. The following endpoints need to be accessible without HTTP basic auth:

  • /mcp/* — MCP server and OAuth endpoints
  • /.well-known/oauth-authorization-server — OAuth discovery
  • /.well-known/oauth-protected-resource — protected resource metadata

Apache (.htaccess)

Add the SetEnvIf rule to your .htaccess file before the AuthType directive, and pair the existing auth directives with Satisfy any so that a request is accepted when either the basic auth check or the env-based Allow succeeds:

# Mark requests for the MCP and OAuth discovery paths; anchored at the
# start of the path so only these prefixes are exempted
SetEnvIf Request_URI "^/(mcp/|\.well-known/oauth)" noauth

AuthType Basic
AuthName "Restricted"
AuthUserFile /path/to/.htpasswd
Require valid-user
# "any": pass if either Require valid-user or an Allow below matches
Satisfy any
Order allow,deny
Allow from env=noauth

Satisfy, Order and Allow are the Apache 2.2 access-control directives; on Apache 2.4 they keep working only while mod_access_compat is loaded. On a 2.4-only setup express the same rule with Require env noauth next to Require valid-user inside a <RequireAny> block. The pattern matches only the three prefixes listed above (a request for /mcp without the trailing slash would still be challenged), so adjust it if your MCP endpoint is served at a different path.

Nginx

Add a location block that switches basic auth off for the MCP and OAuth discovery paths and otherwise handles the request exactly as your existing PHP location does:

# Basic auth off for MCP and OAuth discovery; everything else keeps the
# server-level or location-level auth_basic
location ~ ^/(mcp/|\.well-known/oauth) {
    auth_basic off;

    # Your existing fastcgi/proxy configuration
    fastcgi_pass unix:/var/run/php-fpm.sock;
    include fastcgi_params;
    fastcgi_param SCRIPT_FILENAME $document_root/index.php;
}

nginx checks regular-expression locations in the order they appear in the configuration, and they take priority over plain prefix locations, so put this block above any other regex location that could match the same paths (a generic location ~ \.php$ block, for example). auth_basic off overrides an auth_basic set at server level, so the directive that enables basic auth can stay where it is.

tip

Removing HTTP basic auth from these endpoints does not leave them unprotected. The MCP endpoint requires a valid OAuth access token on every request, and the /.well-known documents are public metadata by design. OAuth 2.1 with PKCE provides strong authentication, so HTTP basic auth is redundant for these endpoints. To confirm the change took effect, request the MCP endpoint without credentials (for example curl -i https://your-store/mcp/): the 401 should now come from the MCP server with a WWW-Authenticate: Bearer challenge rather than the web server's Basic challenge.


Solution 2: Allowlist AI provider IP addresses

If excluding endpoints is not possible, you can allowlist the IP addresses used by AI providers to bypass HTTP basic auth for those IPs only. All other visitors will still be required to authenticate.

Which IPs to allowlist depends on the type of AI client:

  • Cloud-based clients (Claude Desktop/Web, ChatGPT) — MCP tool calls are routed through the provider's cloud infrastructure. You need to allowlist the provider's IP ranges listed below.
  • CLI tools (Claude Code, Gemini CLI, OpenAI Codex) — these run on the user's machine and make MCP calls directly. The requests come from the user's own IP address, not the provider's cloud. Allowlist the IP of the machine running the CLI tool, bearing in mind that this is usually a shared or changing home or office address and that everyone behind it then skips basic auth; for CLI users Solution 1 is normally the better fit.

Anthropic (Claude Desktop / Claude Web)

Anthropic publishes fixed outbound IP addresses used when making MCP tool calls to external servers:

IPv4: 160.79.104.0/21

Source: Anthropic IP addresses documentation

OpenAI (ChatGPT)

OpenAI publishes egress IP ranges in a JSON file that is updated periodically:

URL: https://openai.com/chatgpt-actions.json

The file contains ~128 CIDR blocks. Because the list changes over time, use the JSON file as the source of truth rather than hardcoding specific ranges.

Source: OpenAI Actions production notes

Apache (.htaccess) example

# Allowlist Anthropic (Claude Desktop/Web): 160.79.104.0/21 covers
# 160.79.104.0 - 160.79.111.255
#
# Use the two SetEnvIf lines ONLY if Apache sits behind a reverse proxy
# or CDN that sets X-Forwarded-For itself and Apache is not reachable
# directly. Anchored at the start of the header value; see the note below.
SetEnvIf X-Forwarded-For "^160\.79\.10[4-9]\." noauth
SetEnvIf X-Forwarded-For "^160\.79\.11[01]\." noauth

AuthType Basic
AuthName "Restricted"
AuthUserFile /path/to/.htpasswd
Require valid-user
# "any": pass on basic auth OR on one of the Allow lines below
Satisfy any
Order allow,deny
Allow from env=noauth
# Direct connections: match the real remote address
Allow from 160.79.104.0/21

X-Forwarded-For is written by whoever connects to your server. If Apache accepts connections directly from the internet, anyone can send X-Forwarded-For: 160.79.104.1 and skip basic auth, so in that case delete the two SetEnvIf lines and rely on Allow from 160.79.104.0/21, which matches the real remote address. If Apache is behind a trusted proxy, the cleaner option is mod_remoteip (RemoteIPHeader X-Forwarded-For plus RemoteIPTrustedProxy with the proxy's address): Apache then substitutes the real client address and Allow from matches it without any header regex. As in Solution 1, Satisfy/Order/Allow are 2.2-style directives; the Apache 2.4 equivalent is Require ip 160.79.104.0/21 alongside Require valid-user inside <RequireAny>.

Nginx example

# In the server block (or the location that serves the store).
# Pass the request if EITHER an allow rule OR basic auth succeeds.
satisfy any;

# Allowlist Anthropic (Claude Desktop/Web)
allow 160.79.104.0/21;
# Add OpenAI ranges from chatgpt-actions.json as needed, one allow per CIDR
deny all;

auth_basic "Restricted";
auth_basic_user_file /path/to/.htpasswd;

allow and deny compare against $remote_addr, never against X-Forwarded-For. If nginx is behind a proxy or CDN, configure the realip module (set_real_ip_from with the proxy's address and real_ip_header X-Forwarded-For) so that $remote_addr holds the real client address; otherwise every request appears to come from the proxy and no allow line will ever match.

warning

IP ranges may change over time. Re-check the Anthropic documentation and the chatgpt-actions.json file periodically, or regenerate the allow lines from the JSON file on a schedule rather than editing them by hand.

note

Even when allowlisting IPs to bypass HTTP basic auth, the MCP endpoint still requires a valid OAuth access token. IP allowlisting only removes the HTTP basic auth layer — OAuth 2.1 authentication remains fully enforced.
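The following is an added example, not code from the original page or from the store platform it documents. It builds the Solution 2 allowlist from the two sources above (Anthropic's fixed range and a constructed stand-in for chatgpt-actions.json, whose field names ipv4Prefix/ipv6Prefix are an assumption to verify against the live file), emits the nginx and Apache 2.4 lines, and then shows why an X-Forwarded-For regex like the one in the Apache example must not be trusted on its own: a forged header is only rejected when the real client address is derived from the trusted proxy chain, the way mod_remoteip and nginx's realip module do it. The proxy address 10.0.0.1 and the request samples are constructed.

```python
"""Build the basic-auth bypass allowlist for Solution 2 and evaluate requests
against it without trusting a client-controlled X-Forwarded-For header."""
import ipaddress
import json
import re

# From the page: Anthropic's published outbound range for MCP tool calls.
ANTHROPIC_RANGES = ["160.79.104.0/21"]

# Constructed stand-in for https://openai.com/chatgpt-actions.json, using
# RFC 5737/3849 documentation addresses. The real file is ASSUMED to have the
# shape {"prefixes": [{"ipv4Prefix": ...}, {"ipv6Prefix": ...}]}; verify
# against the live file before relying on parse_chatgpt_actions().
SAMPLE_CHATGPT_ACTIONS_JSON = json.dumps({
    "prefixes": [
        {"ipv4Prefix": "198.51.100.0/28"},
        {"ipv4Prefix": "203.0.113.64/26"},
        {"ipv6Prefix": "2001:db8:1::/48"},
    ]
})


def parse_chatgpt_actions(text):
    """Return the CIDR blocks listed in a chatgpt-actions.json document."""
    nets = []
    for entry in json.loads(text).get("prefixes", []):
        for key in ("ipv4Prefix", "ipv6Prefix"):
            if key in entry:
                nets.append(ipaddress.ip_network(entry[key], strict=False))
    return nets


def build_allowlist(chatgpt_json_text):
    """Anthropic's fixed range plus whatever the OpenAI file currently lists."""
    nets = [ipaddress.ip_network(c) for c in ANTHROPIC_RANGES]
    return nets + parse_chatgpt_actions(chatgpt_json_text)


def nginx_allow_lines(nets):
    """One 'allow' line per block, to paste above 'deny all;'."""
    return [f"allow {n.with_prefixlen};" for n in nets]


def apache_require_line(nets):
    """Apache 2.4 form: a single 'Require ip' carrying every block."""
    return "Require ip " + " ".join(n.with_prefixlen for n in nets)


def client_ip(remote_addr, xff_header, trusted_proxies):
    """Work out the real client address the way mod_remoteip / realip do.

    X-Forwarded-For only means something when the direct peer is a proxy we
    trust. Walk the header from the right, skipping trusted proxies; the first
    untrusted hop is the client. Anything further left was written by the
    client itself and is ignored. Malformed input falls back to the peer
    address, which is never in the allowlist, so the safe default (basic auth
    still required) applies.
    """
    peer = ipaddress.ip_address(remote_addr)
    trusted = [ipaddress.ip_network(t, strict=False) for t in trusted_proxies]

    def is_trusted(ip):
        return any(ip in net for net in trusted)

    if not xff_header or not is_trusted(peer):
        return peer
    try:
        hops = [ipaddress.ip_address(h.strip()) for h in xff_header.split(",")]
    except ValueError:
        return peer
    for hop in reversed(hops):
        if not is_trusted(hop):
            return hop
    return peer


def bypasses_basic_auth(remote_addr, xff_header, trusted_proxies, allowlist):
    """True when the real client address is inside a provider range."""
    ip = client_ip(remote_addr, xff_header, trusted_proxies)
    return any(ip in net for net in allowlist)


# The page's unanchored SetEnvIf pattern, reproduced to show why matching the
# raw X-Forwarded-For value is not a safe substitute for client_ip().
NAIVE_XFF_RE = re.compile(r"160\.79\.10[4-9]\.")


def naive_bypass(xff_header):
    return bool(NAIVE_XFF_RE.search(xff_header or ""))


if __name__ == "__main__":
    allowlist = build_allowlist(SAMPLE_CHATGPT_ACTIONS_JSON)
    print("\n".join(nginx_allow_lines(allowlist)))
    print(apache_require_line(allowlist))
    proxies = ["10.0.0.1"]  # constructed: the one reverse proxy in front of us
    # An attacker at 192.0.2.10 connects through the proxy with a forged
    # header; the proxy appends the true address, so the value reads
    # "160.79.104.9, 192.0.2.10".
    forged = "160.79.104.9, 192.0.2.10"
    print("naive regex lets it through:", naive_bypass(forged))
    print("trusted-hop check:", bypasses_basic_auth("10.0.0.1", forged, proxies, allowlist))
```

Feed the live chatgpt-actions.json to build_allowlist() from a scheduled job and write the generated lines into an included config snippet, so the "use the JSON file as the source of truth" advice above becomes something that is actually enforced rather than something to remember.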