fix: read MCP_API_KEY to avoid Railway shared variable conflict

DevanshuNEU · DevanshuNEU · commit f7de41b512da · 2026-03-07T14:56:06.000-05:00
Railway shares env vars across services in the same project.
The backend's API_KEY (dev-secret-key) was overriding the MCP
service's ci_ key at runtime, causing 401 on every tool call.

MCP_API_KEY takes precedence over API_KEY when both are set.
diff --git a/mcp-server/config.py b/mcp-server/config.py
@@ -10,7 +10,9 @@
 
 BACKEND_BASE_URL = os.getenv("BACKEND_API_URL", "http://localhost:8000")
 BACKEND_API_URL = f"{BACKEND_BASE_URL}{API_PREFIX}"
-API_KEY = os.getenv("API_KEY", "")
+# MCP_API_KEY takes precedence over API_KEY to avoid conflicts
+# when Railway shares env vars across services in the same project
+API_KEY = os.getenv("MCP_API_KEY", "") or os.getenv("API_KEY", "")
 
 SERVER_NAME = "codeintel-mcp"
 SERVER_VERSION = "0.5.0"
