kotlin-sdk-server/io.modelcontextprotocol.kotlin.sdk.server/StreamableHttpServerTransport

StreamableHttpServerTransport

class StreamableHttpServerTransport(configuration: StreamableHttpServerTransport.Configuration) : AbstractTransport(source)

Server transport for Streamable HTTP: this implements the MCP Streamable HTTP transport specification. It supports both SSE streaming and direct HTTP responses.

In stateful mode:

Session ID is generated and included in response headers
Session ID is always included in initialization responses
Requests with invalid session IDs are rejected with 404 Not Found
Non-initialization requests without a session ID are rejected with 400 Bad Request
State is maintained in-memory (connections, message history)

In stateless mode:

No Session ID is included in any responses
No session validation is performed

Parameters

configuration

Transport configuration. See Configuration for available options.

Constructors

StreamableHttpServerTransport

constructor(configuration: StreamableHttpServerTransport.Configuration)

constructor()

constructor(enableJsonResponse: Boolean = false, enableDnsRebindingProtection: Boolean = false, allowedHosts: List<String>? = null, allowedOrigins: List<String>? = null, eventStore: EventStore? = null, retryIntervalMillis: Long? = null)

Secondary constructor for StreamableHttpServerTransport that simplifies initialization by directly taking the configurable parameters without requiring a Configuration instance.

Types

Configuration

class Configuration(val enableJsonResponse: Boolean = false, val enableDnsRebindingProtection: Boolean = false, val allowedHosts: List<String>? = null, val allowedOrigins: List<String>? = null, val eventStore: EventStore? = null, val retryInterval: Duration? = null, val maxRequestBodySize: Long = DEFAULT_MAX_REQUEST_BODY_SIZE)

Configuration options for StreamableHttpServerTransport.

Properties

sessionId

var sessionId: String?

session identifier assigned after initialization, or null in stateless mode

Functions

open suspend override fun close()

closeSseStream

suspend fun closeSseStream(requestId: RequestId)

Closes the SSE stream associated with the given requestId, prompting the client to reconnect. Useful for implementing polling behavior for long-running operations.

handleDeleteRequest

suspend fun handleDeleteRequest(call: ApplicationCall)

Handles an HTTP DELETE request by closing the session and the transport.

handleGetRequest

suspend fun handleGetRequest(session: ServerSSESession?, call: ApplicationCall)

Handles an HTTP GET request by establishing a standalone SSE stream for server-initiated notifications.

handlePostRequest

suspend fun handlePostRequest(session: ServerSSESession?, call: ApplicationCall)

Handles POST requests containing JSON-RPC messages

handleRequest

suspend fun handleRequest(session: ServerSSESession?, call: ApplicationCall)

Handles an incoming HTTP request, whether GET, POST or DELETE

onClose

open override fun onClose(block: () -> Unit)

onError

open override fun onError(block: (Throwable) -> Unit)

onMessage

open override fun onMessage(block: suspend (JSONRPCMessage) -> Unit)

send

open suspend override fun send(message: JSONRPCMessage, options: TransportSendOptions?)

setOnSessionClosed

fun setOnSessionClosed(block: (String) -> Unit?)

A callback for session close events This is called when the server closes a session due to a DELETE request. Useful in cases when you need to clean up resources associated with the session. Note that this is different from the transport closing, if you are handling HTTP requests from multiple nodes you might want to close each StreamableHTTPServerTransport after a request is completed while still keeping the session open/running.

setOnSessionInitialized

fun setOnSessionInitialized(block: (String) -> Unit?)

A callback for session initialization events This is called when the server initializes a new session. Useful in cases when you need to register multiple mcp sessions and need to keep track of them.

setSessionIdGenerator

fun setSessionIdGenerator(block: () -> String?)

Function that generates a session ID for the transport. The session ID SHOULD be globally unique and cryptographically secure (e.g., a securely generated UUID, a JWT, or a cryptographic hash)

start

open suspend override fun start()