diff --git a/core/Microsoft.Mcp.Core/src/Areas/Server/Commands/ServiceStartCommand.cs b/core/Microsoft.Mcp.Core/src/Areas/Server/Commands/ServiceStartCommand.cs
index 6cf551bb1c..10a585e326 100644
--- a/core/Microsoft.Mcp.Core/src/Areas/Server/Commands/ServiceStartCommand.cs
+++ b/core/Microsoft.Mcp.Core/src/Areas/Server/Commands/ServiceStartCommand.cs
@@ -483,10 +483,18 @@ private IHost CreateHttpHost(ServiceStartOptions serverOptions)
                         HttpRequest request = context.Request;
                         string resourceMetadataUrl = $"{request.Scheme}://{request.Host}/.well-known/oauth-protected-resource";
 
+                        context.Response.StatusCode = 401;
+
+                        var header = $"Bearer realm=\"{request.Host}\", resource_metadata=\"{resourceMetadataUrl}\"";
+                        if (!string.IsNullOrEmpty(context.Error))
+                            header += $", error=\"{context.Error}\"";
+                        if (!string.IsNullOrEmpty(context.ErrorDescription))
+                            header += $", error_description=\"{context.ErrorDescription}\"";
+                            
                         // Modify the WWW-Authenticate header to include resource_metadata
-                        context.Response.Headers.WWWAuthenticate =
-                            $"Bearer realm=\"{request.Host}\", resource_metadata=\"{resourceMetadataUrl}\"";
+                        context.Response.Headers.WWWAuthenticate = header;
                     }
+                    context.HandleResponse();
                     return Task.CompletedTask;
                 }
             };