Skip to Content
Back to changelog

Refresh remote sessions on demand, consistent controls on every list page, and per-server MCP analytics

Organization admins can now force a remote session to refresh its tokens without waiting for them to expire. Every list page gets the same unified toolbar for search, filters, sort, and view, with new Status and Source filters on the MCP page. And MCP activity can now be sliced per server, including from your Codex sessions.

Features

  • “Refresh now” for remote sessions #3481  - Organization admins can force an upstream token refresh on a single remote session regardless of its current expiry. The Sessions tab offers the action only for sessions that can actually be refreshed, clear “Unable to refresh” reasons surface when an upstream rejects the token, and each refresh is audited. (Author: @bflad )
  • One unified toolbar across every list page #3489  - Search, filters, sort, and view controls are consolidated into a single contained toolbar on every list page, with uniform control heights and a shared filter schema. The MCP page gains Status and Source filters, and “Reset to default” now clears every filter at once. (Author: @adaam2 )
  • Per-server MCP analytics #3467  - MCP runtime telemetry now records mcp_server_id, so you can slice activity from either the remote or the fronting-server perspective and filter analytics by a specific MCP server. (Author: @bflad )
  • Shadow MCP observability from Codex sessions #3357  - Codex sessions report your configured MCP servers to Gram on session start, giving shadow MCP servers the same observability as Gram-managed ones and letting access approvals scope to the server URL. (Author: @danielkov )
  • List cost-bearing chat sessions for cost analysis #3510  - A new organization-scoped endpoint lists cost-bearing chat sessions filtered by the same dimensions as the existing telemetry query, making it easier to break down spend by session. (Author: @subomi )

Bug fixes

  • Reliable multi-client routing for remote sessions #3484  - The MCP runtime resolves a per-issuer token map and re-authenticates when an attached remote session is missing or invalid, with an attach-time guard that keeps at most one client per issuer pair so dispatch fails closed rather than routing to the wrong upstream. (Author: @bflad )

Last updated on

AI everywhere.

Control here.

Talk to usLearn more