Expose and govern an existing MCP server

APPLIES TO: Basic | Basic v2 | Standard | Standard v2 | Premium | Premium v2

This article shows how to use API Management to expose and govern an existing remote Model Context Protocol (MCP) server - a tool server hosted outside of API Management. Expose and govern the server's tools through API Management so that MCP clients can call them using the MCP protocol.

Example scenarios include:

• Proxy LangChain or LangServe tool servers through API Management with per-server authentication and rate limits.
• Securely expose Azure Logic Apps–based tools to copilots using IP filtering and OAuth.
• Centralize MCP server tools from Azure Functions and open-source runtimes into Azure API Center.
• Enable GitHub Copilot, Claude by Anthropic, or ChatGPT to interact securely with tools across your enterprise.

API Management also supports MCP servers natively exposed in API Management from managed REST APIs. For more information, see Expose a REST API as an MCP server.

Learn more about:

• MCP server support in API Management
• AI gateway capabilities

Limitations

The following limitations apply to this preview. Preview features are subject to change, so check back for updates.

• The external MCP server must conform to MCP version 2025-06-18 or later. The server must support:

  • Either no authorization, or authorization protocols that comply with the following standards: https://modelcontextprotocol.io/specification/2025-06-18/basic/authorization#standards-compliance
  • Streamable HTTP transport

  Important

  Servers conforming to older MCP versions or using only SSE transport are not supported.

• API Management supports MCP server tool capabilities, but not MCP resources or prompts.

• MCP server capabilities aren't supported in API Management workspaces.

Prerequisites

• If you don't already have an API Management instance, complete the following quickstart: Create an Azure API Management instance.

  • The following service tiers are supported for preview: classic Basic, Standard, Premium, Basic v2, Standard v2, or Premium v2.
  • In the classic Basic, Standard, or Premium tier, you must join the AI Gateway Early update group to access MCP server features. Allow up to 2 hours for the update to be applied.

• Access to an external MCP-compatible server (for example, hosted in Azure Logic Apps, Azure Functions, LangServe, or other platforms).

• Appropriate credentials to the MCP server (such as OAuth 2.0 client credentials or API keys, depending on the server) for secure access.

• If you’ve enabled diagnostic logging via Application Insights or Azure Monitor at the global scope (All APIs) for your API Management service instance, ensure that the Number of payload bytes to log setting for Frontend Response is set to 0. This prevents unintended logging of response bodies across all APIs and helps ensure proper functioning of MCP servers. To log payloads selectively for specific APIs, configure the setting individually at the API scope, allowing targeted control over response logging.

• To test the MCP server, you can use Visual Studio Code with access to GitHub Copilot.

Expose an existing MCP server

Follow these steps to expose an existing MCP server is API Management:

1. In the Azure portal, navigate to your API Management instance.
2. In the left-hand menu, under APIs, select MCP servers > + Create MCP server.
3. Select Expose an existing MCP server.
4. In Backend MCP server:
   1. Enter the existing MCP server base URL. Example: https://learn.microsoft.com/api/mcp for the Microsoft Learn MCP server
   2. InTransport type, Streamable HTTP is selected by default.
5. In New MCP server:
   1. Enter a Name the MCP server in API Management.
   2. In Base path, enter a route prefix for tools. Example: mytools
   3. Optionally, enter a Description for the MCP server.
6. Select Create.

• The MCP server is created and the remote server's operations are exposed as tools.
• The MCP server is listed in the MCP Servers pane. The Server URL column shows the MCP server URL to call for testing or within a client application.

Configure policies for the MCP server

Configure one or more API Management policies to help manage the MCP server. The policies are applied to all API operations exposed as tools in the MCP server and can be used to control access, authentication, and other aspects of the tools.

Learn more about configuring policies:

• Policies in API Management
• Transform and protect your API
• Set and edit policies
• Secure access to MCP server

To configure policies for the MCP server:

1. In the Azure portal, navigate to your API Management instance.

2. In the left-hand menu, under APIs, select MCP Servers.

3. Select an MCP server from the list.

4. In the left menu, under MCP, select Policies.

5. In the policy editor, add or edit the policies you want to apply to the MCP server's tools. The policies are defined in XML format. For example, you can add a policy to limit calls to the MCP server's tools (in this example, 5 calls per 30 seconds per client IP address).

   <rate-limit-by-key calls="5" renewal-period="30" counter-key="@(context.Request.IpAddress)" remaining-calls-variable-name="remainingCallsPerIP" />
   

   

Validate and use the MCP server

Use a compliant LLM agent (such as GitHub Copilot, Semantic Kernel, or Copilot Studio) or a test client (such as curl) to call the API Management-hosted MCP endpoint. Ensure that the request includes appropriate headers or tokens, and confirm successful routing and response from the MCP server.

Add the MCP server in Visual Studio Code

In Visual Studio Code, use GitHub Copilot chat in agent mode to add the MCP server and use the tools. For background about MCP servers in Visual Studio Code, see Use MCP Servers in VS Code.

To add the MCP server in Visual Studio Code:

1. Use the MCP: Add Server command from the Command Palette.

2. When prompted, select the server type: HTTP (HTTP or Server Sent Events).

3. Enter the Server URL of the MCP server in API Management. Example: https://<apim-service-name>.azure-api.net/<api-name>-mcp/mcp (for MCP endpoint)

4. Enter a Server ID of your choice.

5. Select whether to save the configuration to your workspace settings or user settings.

   • Workspace settings - The server configuration is saved to a .vscode/mcp.json file only available in the current workspace.

   • User settings - The server configuration is added to your global settings.json file and is available in all workspaces. The configuration looks similar to the following:

   

Add fields to the JSON configuration for settings such as authentication header. The following example shows the configuration for an API Management subscription key passed in a header as in input value. Learn more about the configuration format

Use tools in agent mode

After adding an MCP server in Visual Studio Code, you can use tools in agent mode.

1. In GitHub Copilot chat, select Agent mode and select the Tools button to see available tools.

   

2. Select one or more tools from the MCP server to be available in the chat.

   

3. Enter a prompt in the chat to invoke the tool. For example, if you selected a tool to get information about an order, you can ask the agent about an order.

   Get information for order 2
   

   Select Continue to see the results. The agent uses the tool to call the MCP server and returns the results in the chat.

   

Troubleshooting and known issues

Related content

• Sample: MCP Servers authorization with Protected Resource Metadata (PRM)

• Sample: Secure remote MCP servers using Azure API Management (experimental)

• MCP client authorization lab

• Use the Azure API Management extension for VS Code to import and manage APIs

• Register and discover remote MCP servers in Azure API Center

• Expose REST API in API Management as an MCP server

• Expose and govern existing MCP server