MCP Connector "Resource not found" - tools/call never reaches server

Environment

• ChatGPT Apps SDK with MCP Server (TypeScript)
• @modelcontextprotocol/sdk with StreamableHTTPServerTransport
• Server exposed via ngrok

Issue

ChatGPT connects to MCP server during connector refresh, but tools/call requests never reach the server. Returns “Resource not found” and “Unknown Connector” errors.

What Works

• initialize - succeeds
• tools/list - returns tools correctly
• resources/read - widget loads correctly
• MCP Inspector - tools/call works
• Direct curl - tools/call works

What Fails

• ChatGPT UI - tools/call never reaches server
• Shows “Unknown Connector” and “No tool response”

Server Logs

Connector Refresh (works):

[MCP] method: initialize ✓
[MCP] method: tools/list ✓
[MCP] method: resources/read ✓

Tool Invocation (fails):

(No request received - tools/call never reaches server)

This may be related to:

I have the same issue, this happens sporadic, but it’s like 50/50 it will work inside ChatGPT or not.
Reported the bug already, but no response for about a month, since I got the problem the first time.
Usually to get it working again, I’m refreshing the connector and closing the webpage completely. Problem is worse on GPT-5.2 - it often just refuses to use MCP, like connector does not exist. With GPT-5 and GPT-5.1 tools are invoked, but no actual requests are sent to the MCP Server. At the time tool invocation not woring; triggered connector refresh operation (Init/New Session/List Tools/Read Resource) are sent to the server and processed correctly.
So MCP Connector init/auth always working, tool invocations are randomly failing.

I have the same issue I think, running my own connector in ChatGPT’s developer mode.
Asking the GPT-5.2 to do 5 MCP calls in a row is pretty much guaranteed to cause an error - it does 0-4 requests successfully but eventually fails with Resource not found on one of the calls without failed request ever reaching the server, then on top of that it receives {"finite": true} while trying to list resources and ends up completely confused. After prompt is returned to user, it can run a few calls again before hitting the same issue, and it can’t recover from it until the next chat message. Something seems to be broken.

I’m getting the same issue here. I have a long-running task (deep research) on an MCP server. ChatGPT kicks of the research, and then I have a “status” tool call that ChatGPT calls. But after 10-15 calls, it receives the Resource not found(like you mentioned) and then quits polling the MCP server and just does its own research.

The frustrating thing is that this worked like 2 weeks ago (although you always had to hit the “Approve” button for each status check), and then it just quit working. It’s definitely an issue on OpenAI’s side.

My client (fortune 500 company) was excited to use this in ChatGPT. I had to tell them to use the Claude web interface (which worked without any problem at all). They’re getting the impression that ChatGPT isn’t very business friendly. Common OpenAI – help us out!

This has also been an issue for me. There is no debug information from my server to point to anything being wrong. In my logs I see no 4XX or 5xx, the first POST /message to SSE and subsequent GETs are all working fine, I even see the response from my server logs when chat GPT fails with that message. Can someone from their side look into this?

Happening for me too, has been driving me crazy thinking it was my side, but after seeing this discussion it sounds like its Open AI’s side. Hopefully they read this?! I’ve just started with this kind of work, anybody here been doing it longer and had this work in the past successfully? ie. have they recently broken something do you think?

Hey guys, I swear I just hit up the MCP mid roll out or something, but now I get the name of my app at the bottom of my chat window in a “chip” and also when the tool usually flakes out it offered to re-connect to my MCP server / App within the chat window. Huge improvement! Anyone else seen this before now? Also can anyone get their “side loaded” app to work outside of Developer Mode?

Hey everyone, Can someone please confirm if the issue still persists? Our team is happy to take a look at it! Thank you!

Yes the issue still persists. The http stream seems to last a bit longer while sse drops only after a few calls.

Thank you for confirming. We have our engineering team take a look at this issue. We will provide an update very soon here. Thank you!

Hey everyone, our engineering team is taking a look at this issue and it would be very helpful if you can record the HAR file while reproducing the issue and share the failing request ids from the HAR with us so we can use it to identify the root cause. Thank you!

Additionally, If you can share detailed steps to reproduce this issue. It will be immensely helpful.

I can confirm this is still an issue and I will try to get more details about how to replicate it

Issue: ChatGPT Developer Mode MCP stale link_<id> route failure

Steps to reproduce a client-side MCP connector failure in ChatGPT Developer Mode
against a remote streaming-HTTP MCP server over HTTPS. ChatGPT Client exhibits this issue, while Codex and other MCP clients do not.

The visible error is:

Resource not found: /<app_name>/link_<id>/<tool_name>.

What appears to be happening is that ChatGPT maintains an internal,
session-scoped route like /<app_name>/link_<id>/<tool_name> for MCP tool
calls. At some point during a chat session, that internal route becomes stale
or invalid. When it does, ChatGPT returns Resource not found before any
tools/call reaches the MCP backend.

What I verified from logs:

1. The failing call has no backend request_id or event_id.
2. Surrounding successful calls do have backend IDs and appear normally in MCP
   server logs.
3. Searching backend logs for the failing link_<id> shows no matching
   request.
4. A single tools/list refresh can restore normal operation, which suggests
   ChatGPT rebuilt its internal tool routing state.
5. In some sessions, once the first Resource not found appears, ChatGPT then
   prompts for OAuth again. After completing that OAuth flow, the same tools
   start working again.

This is the strongest claim I can make from the evidence. OAuth or reconnect
behavior may amplify the problem, but the core proven failure is stale
client-side tool routing before backend dispatch. The observed OAuth challenge
looks like a recovery path that rebuilds connector state, not proof that OAuth
itself is the root cause.

Setup and Reproduction

Exact stack used:

• Python 3.12
• fastmcp 2.14.5
• fastapi 0.135.1
• uvicorn 0.41.0
• httpx 0.28.1
• authlib 1.6.9
• Remote MCP server over streaming HTTP
• Structured MCP request logging with method, path, tool name, status, and
  request/correlation ID

Auth/provider shape used:

• OAuth provider: Supabase Auth
• Authorization code + PKCE
• OIDC enabled
• Confidential client
• Static client ID/client secret entered manually in ChatGPT app setup
• Token endpoint auth method: client_secret_post
• ChatGPT auth mode: Mixed
• Resource set to https://<server-domain>

Steps to reproduce:

1. Create a ChatGPT Developer Mode app against https://<server-domain>/mcp.
2. Configure OAuth/OIDC as above and complete login successfully.
3. In one fresh chat, repeatedly call a small stable read-only tool set, in my case:
   • system.info
   • projects.list
   • plans.list
   • plan.read
   • plan.search
4. Continue until ChatGPT returns:
   • Resource not found: /<app_name>/link_<id>/<tool_name>.
5. Check backend MCP logs for the failing window.

Observed reproductions:

• Run 1:
  • first failure on call 6
  • tool: plans.list
  • error: Resource not found: /<app_name>/link_<id>/plans.list.
  • no backend request for the failed call
  • post-refresh retry was blocked by ChatGPT safety checks
• Run 2:
  • first failure on call 5
  • tool: projects.list
  • error: Resource not found: /<app_name>/link_<id>/projects.list.
  • no backend request for the failed call
  • one tools/list refresh changed callable paths from /<app_name>/link_...
    to /<app_name>/...
  • immediate retry succeeded
  • subsequent calls completed successfully

I can confirm I have a similar / the same issue, however, I have No Auth selected and I’m using stateless sessions and all tools are read only. The calls never reach my side when they fail.

The issue is otherwise the same as what other people have mentioned, but on a once off I got this:

Request:

{
“path”: “//link_<id>/tool”,
“args”: {
“itemId”: ,
“limit”: 20
}
}

and the response:

This tool call was blocked by OpenAI’s safety checks. Please double check what you are sending.

Hi, I just realized I missed your request for the HAR file, is there a more private way to share that?

pls provide a private way to send the HAR, or send me a dm and I’ll provide a link.

Heres a better report, also a workaround.

In ChatGPT Developer Mode, MCP tools may be advertised using link-scoped routes such as:

/<connector>/link_<id>/<tool>

Those advertised routes can later fail with:

Resource not found: /<connector>/link_<id>/<tool>

even though the equivalent native route:

/<connector>/<tool>

continues to work for the same tool call.

Observed behavior suggests the issue is not just “the link ID changed.” Instead, the host appears to maintain a deeper connector dispatch/session state behind visible MCP routes. Link-scoped routes are the unstable layer: they can become non-dispatchable, recover later, or be replaced by a freshly advertised linked route, while the native route remains usable throughout.

Expected behavior
If a route is advertised as callable, it should either:

• dispatch successfully, or
• return a normal backend/tool-level error.

If the link-scoped form is not reliably dispatchable, it should not be exposed as the primary callable route. The host should either:

• expose only the native route, or
• normalize the linked form to the native form before dispatch.

Actual behavior
The advertised linked form may work initially, then later return:

Resource not found: /<connector>/link_<id>/<tool>

with no corresponding backend request IDs for the failing call.

At the same time, the equivalent native route:

/<connector>/<tool>

can still work normally and return backend IDs.

What was observed
Across repeated sessions and many direct tool calls, the following patterns were reproduced:

1. Linked route healthy, then stale

   • A link-scoped route is advertised and works for multiple calls.
   • Later, the same visible linked route starts returning Resource not found.

2. Failure occurs before backend dispatch

   • Successful calls have normal backend request_id / event_id.
   • Resource not found calls do not.

3. The same visible linked route can fail and later work again

   • So visible link_<id> identity alone is not the true unit of validity.

4. Native/linkless routes remain usable during linked-route failure windows

   • The direct/native route /<connector>/<tool> continues to work while the linked route is dead.
   • This held for both cheap/readiness calls and auth-required read-only calls.

5. A fresh linked route can be republished while native routes are already healthy

   • New linked routes may appear during the degraded window.
   • Sometimes a newly advertised linked route is immediately usable.
   • Sometimes it is visible before it is actually dispatchable.

6. Repeated linked-route failures may escalate into auth/approval challenges

   • The auth challenge is not always the first symptom.
   • In observed runs, one or more linked-route failures could occur first.
   • Accepting the challenge can correlate with a fresh linked route being issued.

Most likely issue
This looks like a host-side mismatch between:

• the advertised route surface, and
• the currently dispatchable route surface.

The evidence fits a model where:

• native routes are the stable dispatch surface,
• linked routes are ephemeral session bindings layered on top,
• and those linked bindings can become invalid independently of the visible route string.

In other words, the problem appears broader than simple visible link_<id> churn. A linked route may:

• go stale,
• later recover,
• be replaced by a fresh linked route,
• or trigger auth escalation after repeated failure.

Impact
This causes the host to advertise tool routes that are not reliably callable. From the user/tooling side:

• the tool appears available,
• the published linked path may fail pre-dispatch,
• the equivalent native path may still be healthy,
• and repeated use of the linked path may trigger unnecessary auth/reconnect flows.

Practical workaround
Normalize any advertised linked route of the form:

/<connector>/link_<id>/<tool>

to the native route:

/<connector>/<tool>

before dispatch.

In observed cases, using the native route avoided the stale linked-route failure.

Suggested area to investigate

• link-scoped MCP routes are being advertised even when only the native route is actually dispatchable,
• route publication and route dispatch readiness are derived from different internal states,
• repeated failures on stale linked routes are incorrectly feeding into downstream auth/approval logic.

Hey everyone, Our team is actively looking into this issue. We will soon have an update for you. Thanks for raising this issue!

I’m also getting this message consistently when using ChatGPT with the GitHub Application

https://chatgpt.com/apps/github/connector_76869538009648d5b282a4bb21c3d157

This tool call was blocked by OpenAI’s safety checks. Please double check what you are sending.

The message comes from the create_file and update_file tools.

As noted in this thread, the call doesn’t go to the GitHub server, so no JSON is returned. The plain text response comes from the OpenAI server.

Regarding “safety checks”. The content of files docs/providers.md and docs/design-principles.md included text about investments, trading, and finance - all relevant text that was discussed in the ChatGPT session without issue.

I hope this helps the investigation. Thanks.

Apologies this is taking a bit more time but our team is actively working to fix this issue. Thanks!