jlowin/fastmcp v2.13.2

v2.13.2: Refreshing Changes

on GitHub

FastMCP 2.13.2 polishes the authentication stack with fixes for token refresh, scope handling, and multi-instance deployments. Discord joins the growing roster of built-in OAuth providers, Azure and Google token handling gets more reliable, and proxy classes now properly forward icons and titles. This release also adds CSP customization for consent screens and fixes an edge case where $defs could mutate during tool transforms.

Welcome to 7 new contributors who made their first FastMCP contributions in this release!

What's Changed

New Features 🎉

• Add Discord OAuth provider and corresponding tests by @Aisha630 in #2428

Enhancements 🔧

• Bump actions/checkout from 4 to 5 by @dependabot[bot] in #2433
• feat: Made Changes to DescopeProvider to Support New Well Known URLs by @gaokevin1 in #2392
• Scalekit provider updates by @AkshayParihar33 in #2413
• Add consent_csp_policy parameter for CSP customization by @jlowin in #2484
• Add icons support to proxy classes by @jlowin in #2502

Fixes 🐞

• Add refresh token support defaults to GoogleProvider by @jlowin in #2438
• Fix exclude_args with non-serializable types by @jlowin in #2440
• Fix Azure OAuth token refresh with unprefixed scopes by @Neet-Nestor in #2462
• fix: prevent $defs mutation in Tool.from_tool transforms by @jtanningbed in #2493
• Add title attribute to ProxyTool, ProxyResource, … by @CNSeniorious000 in #2497
• Fix OAuth proxy refresh token storage for multi-instance deployments by @jlowin in #2483
• Fix get_access_token() returning stale token after OAuth refresh by @jlowin in #2505
• Fix version badges for icons and website_url; add Discord example by @jlowin in #2509
• Fix Azure provider OIDC scope handling by @jlowin in #2506

Docs 📚

• Update http.mdx by @Shengshenlan in #2446
• Fix version number in VersionBadge: change 2.14.0 to 2.13.0 by @ShaikAyesha17 in #2491
• Add Discord OAuth integration documentation by @jlowin in #2508

Dependencies 📦

• Bump actions/setup-python from 5 to 6 by @dependabot[bot] in #2432
• Bump py-key-value-aio to 0.3.0 by @strawgate in #2437
• Bump actions/checkout from 5 to 6 by @dependabot[bot] in #2474

Other Changes 🦾

• Add extra_authorize_params and extra_token_params to OIDCProxy by @jlowin in #2439

New Contributors

• @Neet-Nestor made their first contribution in #2462
• @Shengshenlan made their first contribution in #2446
• @gaokevin1 made their first contribution in #2392
• @ShaikAyesha17 made their first contribution in #2491
• @jtanningbed made their first contribution in #2493
• @CNSeniorious000 made their first contribution in #2497
• @Aisha630 made their first contribution in #2428

Full Changelog: v2.13.1...v2.13.2