I ran into the same issue. I created a prompt with an MCP server. It works initially but once I close and re-open the prompt, the path changes to / and the prompt is unable to connect to the MCP server.
The playground sends the request to make a prompt with POST and the URL you specify. The return from that call literally places <redacted> as the path when sending back the “server_url” field of the JSON to its POST API.
Then it’s prompt listing and individual prompt ID API request also returns the same path.
It will work in that same playground instance, but merely reusing the playground URL https://platform.openai.com/chat/edit?prompt=pmpt_... you get the bad path in the function.
It seems the underlying intention is to never present that URL data again, like an API key. That is, if the prompt is working in a call by using it’s ID
Guess you could run your MCP “prompt” if you’re into that kind of thing.
NOPROMPT
Otherwise, “get code” never having created a prompt.
See how to make the MCP tool call.
See how to not use a server state, because even playground programmers rightfully don’t use previous_response_id.
See another bug where the system message is neither in “input” or in “instructions” of code if you haven’t edited that field again.
Then figure this out: update the model to one that wasn’t cancelled, save a new prompt version. The API call is made with the prompt ID but the system message box is toast.
I’ve shared this thread with my account rep at OpenAI. They say the Engineering team is aware of the issue. I’ll report back if/when I get an update and/or a workaround.
I’ve been in contact with OpenAI reps and support. There is unfortunately no workaround, but they’re working on a fix, hoping to have it sometime this week or next.
Just jumping in on this thread as I am experiencing the same issue currently when using an MCP server cloudflare connection on a audio project, the moment I update the project it is unable to load tools.
Alright, OpenAI hasn’t made progress on this, so I’m going to share my super hacky workaround.
First, we’ll just have to have our MCP server listen at /<redacted>. Hopefully you have an implementation that allows you to do that. Second, for authentication, we’ll have to rely on the name of our Custom Header(s) for security, since their values will automatically be set to REDACTED. Maybe set a couple of them, or set the name to something hard to guess. This means you’ll need to be able to implement some custom authentication where you can check for the existence of these header(s) as your security measure.
If you can do these things, you should be able to workaround this issue.
Misery loves company, glad I’m not the only one scratching my head at this!
I like @Tom_Duffield’s approach! My solution was to use a subdomain (e.g. mcp.[domainname].com), because only pathnames seem to get the redacted treatment.
This makes me wonder how many people are using the custom MCP feature in Responses API.
