Protected MCP Server Demo

An ASP.NET Core implementation of a Model Context Protocol (MCP) server, secured with Azure Entra ID (Active Directory). This project demonstrates how to expose functionality (simple math tools) to LLMs via MCP while enforcing enterprise-grade security and Role-Based Access Control (RBAC).

Purpose of this tool is to demonstrate two things:

1. How you can protect your MCP server with Azure AD/Entra ID.
2. How to implement Role-based Access Control (RBAC) for different tools exposed by your MCP server.

Features

• Model Context Protocol Implementation: Exposes tools to AI assistants using the standardized MCP specification.
• Tools: Includes basic math operations (Add, Subtract, Multiply, Divide).
• Secure by Default:
  • Protected by Azure Entra ID (OAuth2/OpenID Connect).
  • Uses JWT Bearer Token authentication.
  • Implements granular RBAC (Role-Based Access Control) on a per-tool basis.

Prerequisites

• .NET SDK: Version 10.0 (or compatible preview/standard version).
• Azure Account: For creating an App Registration and deploying the Web App.
• Azure CLI: For deployment scripts.
• MCP Client: A client capable of connecting to an MCP server that supports authentication credentials. This code makes use of VS Code as an authorized MCP client.

Getting Started

1. Azure Setup (Entra ID)

You need to register an application in your Azure Entra ID tenant to handle authentication.

1. Create App Registration:

   • Go to the Azure Portal > Microsoft Entra ID > App registrations.
   • New registration > Name it (e.g., "Protected MCP Server").
   • For account type, choose Accounts in this organizational directory only (Single Tenant).
   • For redirect URI, start with http://localhost:5284. If you have already deployed the web app in Azure, add it's URL later in the redirect URI section after creation.
   • Note down the Application (client) ID and Directory (tenant) ID. This will be needed later on.

2. Define App Roles:

   • In the App Registration blade, go to App roles.

   • Create the following roles (set allowed member types to Users/Groups):

     Display name	Value	Description	Allowed member types
     Add Tool User	add-tool-user	Users in this role will be able to invoke "Add" tool.	Users/Groups
     Subtract Tool User	subtract-tool-user	Users in this role will be able to invoke "Subtract" tool.	Users/Groups
     Multiply Tool User	multiply-tool-user	Users in this role will be able to invoke "Multiply" tool.	Users/Groups
     Divide Tool User	divide-tool-user	Users in this role will be able to invoke "Divide" tool.	Users/Groups

3. Expose an API:

   • In App Registration > Expose an API.
   • Set the Application ID URI (e.g., api://<client-id>).
   • Add a scope:
     • Click Add a scope.
     • Scope name: access_as_user.
     • Who can consent?: Admins and users.
     • Enter valid display names and descriptions.
     • Ensure state is Enabled and click Add scope.
   • Authorized client applications:
     • Click Add a client application.
     • Enter the VS Code client ID: aebc6443-996d-45c2-90f0-388ff96faa56.
     • Select the authorized scopes to allow VS Code to request tokens for your API.

4. Assign Roles:

   • Go to Enterprise Applications (search for your app name).
   • Go to Users and groups > Add user/group > Select a user > Select the appropriate role/s.
   • Note: Only users with the assigned role can successfully invoke the corresponding tool.

2. Configuration

Update appsettings.json in ProtectedMcpServerDemo or use environment variables.

appsettings.json:

{
  "AzureAd": {
    "Instance": "https://login.microsoftonline.com/",
    "Domain": "your-tenant.onmicrosoft.co

... [View full README on GitHub](https://github.com/gmantri/protected-mcp-server-demo#readme)