Skip to main content

Build and register a Model Context Protocol (MCP) server

The Model Context Protocol (MCP) provides a standard interface for AI agents to interact with APIs and external services. When you need to integrate private or internal enterprise systems that don’t have existing MCP server implementations, you can build your own custom server. This article shows you how to create a remote MCP server using Azure Functions, register it in a private organizational tool catalog using Azure API Center, and connect it to Foundry Agent Service. This approach enables you to securely integrate internal APIs and services into the Microsoft Foundry ecosystem, allowing agents to call your enterprise-specific tools through a standardized MCP interface.

Prerequisites

Agent Service connects only to publicly accessible MCP server endpoints.

Understand the request flow

The high-level flow looks like this:
  1. You deploy an MCP server (this article uses Azure Functions) that exposes one or more MCP tools.
  2. You optionally register the server in Azure API Center so it shows up in an organizational tool catalog.
  3. In Foundry portal, you connect the MCP server to Agent Service.
  4. When an agent needs a tool, Agent Service calls your MCP server endpoint.
  5. Your MCP server validates the request, calls your internal API, and returns the tool result.

Build an MCP server by using Azure Functions

Azure Functions is a serverless compute service that provides scale-to-zero capability, burst scaling, and enterprise features including identity-based access and virtual networking. The lightweight programming model makes it straightforward to build MCP servers so you can focus on implementing your business logic rather than infrastructure management.
  1. Open a terminal or command prompt and navigate to the folder where you want to create your project.
  2. Run the azd init command to initialize the project from this sample MCP server template: 
    azd init --template remote-mcp-functions-python -e mcpserver-python
  3. Review the sample code structure. The template includes:
    • Function definitions for MCP endpoints.
    • Configuration for authentication and authorization.
    • Deployment scripts for Azure.
  4. Customize the MCP server functions to expose your specific APIs and services. Modify the function code to implement the tools and capabilities your agents need.
  5. Test your MCP server locally by using the Azure Functions Core Tools: 
    func start
  6. Deploy your MCP server to Azure by using the Azure Developer CLI: 
    azd up
    Follow the prompts to select your Azure subscription and resource group.
  7. After deployment completes, save the following information for later steps:
    • Remote MCP server endpoint: https://{function_app_name}.azurewebsites.net/runtime/webhooks/mcp
    • Authentication information: For access key authentication, note the mcp_extension system key in the Azure portal.
    If you prefer a CLI workflow to retrieve function access keys, see Work with access keys in Azure Functions.
For additional implementation details including advanced authentication patterns and troubleshooting, refer to the tutorial Host an MCP server on Azure Functions.

Secure your MCP server endpoint

Before you share your MCP server with others, define and apply a security baseline:
  • Require authentication. Avoid anonymous access unless your scenario explicitly needs it.
  • Treat credentials as secrets. Don’t hard-code keys in code or check them into source control. Store secrets in a secure store such as Azure Key Vault.
  • Implement least privilege for downstream calls. If your MCP server calls internal APIs, scope permissions to only what the exposed tools need.
  • Log and monitor tool calls. Use Azure Functions logging to trace requests and troubleshoot failures.
For Agent Service authentication patterns (for example, key-based authentication, Microsoft Entra identities, and OAuth identity passthrough), see MCP server authentication. For governance and operational guidance when you run MCP tools, see Foundry MCP Server best practices and security guidance.

Register your MCP server in the organizational tool catalog

When you register your MCP server in Azure API Center, you create a private organizational tool catalog. This step is optional but recommended for sharing MCP servers across your organization with consistent governance and discoverability. To register your MCP server:
  1. Sign in to the Azure portal and go to your Azure API Center resource.
The API Center name becomes your private tool catalog name in the registry filter. Choose an informative name that helps users identify your organization’s tool catalog.
  1. In the left navigation pane, expand Inventory and select Assets.
  2. Select Register an asset and choose MCP server.
  3. Provide the required information about your MCP server.
  4. Configure environments and deployments following the tutorial: Add environments and deployments for APIs in Azure API Center.
  5. Configure authentication for your MCP server (optional): In the left navigation pane of your API Center resource, select Governance > Authorization.
Screenshot showing the Azure API Center authorization configuration page with Governance menu expanded.
  1. Select Add configuration.
  2. Choose the security scheme that matches your MCP server requirements:
    • API Key: Developers provide the API key during tool configuration in Foundry
    • OAuth: Configure OAuth 2.0 authentication parameters
    • HTTP: Configure bearer token authorization
  3. Provide the required authentication details for your selected scheme.
If you choose API Key authentication, the key you store in Azure Key Vault isn’t automatically used in Foundry. Developers must provide the API key when configuring the MCP server connection.
  1. Configure access management (optional): a. Go to your registered MCP server in API Center. b. Select Details > Versions > Manage Access (preview). c. Configure which users or groups can access this MCP server through the organizational catalog.
After registration, your MCP server appears in the Foundry tool catalog with the governance and authentication settings you configured.

Connect the MCP server to Agent Service

You can connect your MCP server to Agent Service through the organizational tool catalog (if you registered it) or as a custom MCP tool.

Connect using the organizational tool catalog

If you registered your MCP server in Azure API Center, users with appropriate access can discover and configure it:
  1. In Foundry portal, go to your project.
  2. Go to Build > Tools or open Agent Builder.
  3. Browse the organizational tool catalog to find your registered MCP server.
  4. Follow the configuration guidance displayed in the tool catalog to add the server to your agent.

Connect using a custom MCP tool

If you don’t register your MCP server in the organizational catalog, add it directly as a custom tool:
  1. In Foundry portal, go to your project.
  2. Go to Build > Tools or open Agent Builder.
  3. Select Add tool > Custom > Model Context Protocol.
  4. Enter your MCP server details:
    • Name: Unique name for your remote MCP server
    • Remote MCP Server endpoint: Enter your remote MCP server endpoint URL (for example, https://{function_app_name}.azurewebsites.net/runtime/webhooks/mcp)
    • Authentication: Select the authentication method. For Key-based authentication, provide the following credential:
      • Credential: "x-functions-key": "{mcp_extension_system_key}"
  5. Select Connect to register the custom MCP tool.
For detailed configuration steps (including project connections and approval workflows), see Connect to Model Context Protocol servers (preview). After connecting your MCP server, agents in your Foundry project can call the tools and functions exposed by your custom server.

Verify the MCP server works end to end

After you deploy and connect the server, verify that the server is discoverable and that an agent can successfully invoke a tool.
  1. In Foundry portal, confirm the MCP server appears in your project tool list.
  2. Create an agent (or open an existing agent) and add the MCP server tool.
  3. Run a prompt that should require one of your MCP tools.
  4. If approval is enabled, review the tool name and arguments, then approve the call.
  5. Confirm the tool call succeeds. If the tool call fails, open the Function App logs in Azure portal to confirm the MCP endpoint was invoked and to diagnose errors.

Troubleshooting

Here are some common issues you might encounter when building and connecting your MCP server:
  • MCP server connection fails: Confirm the server URL is publicly reachable and uses the MCP webhook path (/runtime/webhooks/mcp). Check the Function App logs in Azure portal for errors.
  • Authentication errors (401/403): Verify you’re using the correct key or token for the authentication method you selected. Rotate keys that might have been exposed, and update any saved credentials.
  • Tool discovery problems: If you registered the server in Azure API Center, confirm the API is published and you have access to it. If you added a custom tool, confirm the endpoint URL is correct.
  • Tool call succeeds but an internal API fails: Review your MCP server logs to confirm what request was sent to the downstream API. Verify the MCP server identity or API credentials have the required permissions.

Clean up resources

When you’re done, delete Azure resources created by the template to avoid ongoing charges.
  1. In your MCP server project folder, run: 
    azd down --purge
  2. If you registered the server in Azure API Center, remove the API entry if you no longer need it.

Related content