From c4b861570ed8c5ddc3fa93cd54309768745ffbfc Mon Sep 17 00:00:00 2001 From: Claude Date: Thu, 18 Dec 2025 15:06:07 +0000 Subject: [PATCH] docs: use environment variables instead of hardcoded tokens Update MCP server examples to read tokens from environment variables rather than hardcoding sensitive values. --- README.md | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/README.md b/README.md index b17e154..2c2d9c8 100644 --- a/README.md +++ b/README.md @@ -96,6 +96,7 @@ The SDK supports multiple ways to configure [MCP (Model Context Protocol)](https For existing MCP servers that run as separate processes, use dictionary-based configuration. **You don't need to manually run these servers** - Claude Code automatically spawns and manages them: ```python +import os from claude_agent_sdk import ClaudeAgentOptions, ClaudeSDKClient options = ClaudeAgentOptions( @@ -109,7 +110,7 @@ options = ClaudeAgentOptions( "github": { "command": "npx", "args": ["-y", "@modelcontextprotocol/server-github"], - "env": {"GITHUB_TOKEN": "your-token"} + "env": {"GITHUB_TOKEN": os.environ["GITHUB_TOKEN"]} } }, # Pre-approve specific MCP tools to avoid permission prompts @@ -129,17 +130,19 @@ MCP tool names follow the pattern `mcp____`. For remote MCP servers accessible via HTTP: ```python +import os + options = ClaudeAgentOptions( mcp_servers={ "remote-sse": { "type": "sse", "url": "https://example.com/mcp/sse", - "headers": {"Authorization": "Bearer token"} # Optional + "headers": {"Authorization": f"Bearer {os.environ['MCP_API_TOKEN']}"} }, "remote-http": { "type": "http", "url": "https://example.com/mcp", - "headers": {"Authorization": "Bearer token"} # Optional + "headers": {"Authorization": f"Bearer {os.environ['MCP_API_TOKEN']}"} } } )