Securing MCP Servers: Role-Based Tool Access with OAuth 2.0 and Azure Entra ID
Author: Code & Cloud
Uploaded: 2026-01-25
Views: 45
Learn how to add enterprise-grade security to your Model Context Protocol (MCP) servers in this step-by-step tutorial. We'll implement OAuth 2.0 authentication and role-based authorization to control access to specific tools, allowing you to have both public and secure tools within the same server.
🔒 What You'll Learn:
How to secure MCP server tools using Azure Entra ID (formerly Azure AD).
The difference between public tools and secure, role-protected tools.
How to set up two App Registrations in Entra ID: a server app and a client app.
How to define custom app roles for authorization.
How to configure your .NET MCP server with JWT Bearer authentication and authorization policies.
How to generate and validate OAuth 2.0 access tokens (using v2.0 endpoints).
How to test everything in Postman—connecting with and without a token to see tools appear or hide dynamically.
🛠️ Technologies Used:
MCP Server for .NET (MCP.Server)
ASP.NET Core
Microsoft Authentication Library (JWT Bearer)
Azure Entra ID / Microsoft Identity Platform
Postman (for API testing)
⏱️ Timestamps:
0:00 - Introduction & Demo Overview
2:15 - Creating the Server App Registration in Azure Entra ID
4:30 - Defining App Roles for Security
5:45 - Creating the Client App Registration
7:10 - Setting API Permissions & Granting Consent
8:30 - Creating the .NET MCP Server Project
10:15 - Building Public Tools
12:00 - Building a Secure Tool with the [Authorize] Attribute
14:45 - Configuring Authentication (JWT Bearer) in Program.cs
18:20 - Configuring Authorization Policies for Role-Based Access
20:10 - Setting Up OAuth 2.0 in Postman
23:40 - Getting Tenant ID, Client ID, Client Secret, and Scopes
26:50 - Generating the Access Token
28:30 - Inspecting the Token & Final Server Configuration
30:00 - LIVE DEMO: Connecting to the Server (With/Without Token)
32:45 - Recap and Real-World Use Cases (Free vs. Paid Tools)
📖 Key Concepts Covered:
OAuth 2.0 Client Credentials Flow
JWT (JSON Web Token) Structure and Validation
Role-Based Access Control (RBAC)
MCP Server Authorization Filters
Manifest settings for requestedAccessTokenVersion
💼 Practical Use Case:
This setup is perfect for SaaS platforms or organizations that want to offer a public MCP server with a mix of free tools and premium, secured tools accessible only to customers with valid credentials.
❓ Having Issues?
Make sure you've:
Set "requestedAccessTokenVersion": 2 in your server app's manifest.
Used the v2.0 token endpoint (/v2.0/) in Postman.
Correctly formatted your scope: api://{SERVER_APP_CLIENT_ID}/.default
Added the AddAuthorizationFilter() method when building your MCP server.
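To turn the checklist above (and the "Inspecting the Token" step) into something you can run, here is an added Python helper that is not part of the video or its .NET project. It builds the v2.0 token endpoint and the `api://{SERVER_APP_CLIENT_ID}/.default` scope from your IDs, decodes a token's claims, and reports which of the three token-side checks would make the server reject it: `ver` must be `2.0`, `aud` must name the server app, and `roles` must carry the app role your policy requires. The tenant ID, server app client ID and role name `Tools.Premium` are placeholders, and `make_sample_token` produces a constructed, unsigned token purely so the check runs offline; it performs no signature verification, which is the JWT Bearer middleware's job against Entra's published signing keys.

```python
import base64
import json
from typing import Any

# Constructed placeholders (not from the video): replace with your own values.
TENANT_ID = "00000000-0000-0000-0000-000000000001"
SERVER_APP_CLIENT_ID = "11111111-1111-1111-1111-111111111111"
REQUIRED_ROLE = "Tools.Premium"  # hypothetical app role defined on the server app


def token_endpoint(tenant_id: str) -> str:
    """v2.0 token endpoint used for the client credentials flow."""
    return f"https://login.microsoftonline.com/{tenant_id}/oauth2/v2.0/token"


def default_scope(server_app_client_id: str) -> str:
    """Scope format the checklist expects for client credentials."""
    return f"api://{server_app_client_id}/.default"


def _b64url_decode(segment: str) -> bytes:
    # JWT segments are base64url without padding; restore it before decoding.
    return base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4))


def decode_claims(token: str) -> dict[str, Any]:
    """Return the JWT payload as a dict.

    Inspection only: the signature is NOT verified here. The ASP.NET Core
    JWT Bearer middleware validates it against Entra's signing keys.
    """
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("not a compact JWS (expected header.payload.signature)")
    return json.loads(_b64url_decode(parts[1]))


def inspect_token(token: str, server_app_client_id: str, required_role: str) -> list[str]:
    """Return findings explaining why the server would reject the token.

    An empty list means all three token-side checklist items pass.
    """
    claims = decode_claims(token)
    findings: list[str] = []

    # 1. Token version: a v1.0 token means requestedAccessTokenVersion was not
    #    set to 2 or the /v2.0/ endpoint was not used.
    if claims.get("ver") != "2.0":
        findings.append(
            f"ver={claims.get('ver')!r}: set requestedAccessTokenVersion to 2 "
            "and request the token from the /v2.0/ endpoint"
        )

    # 2. Audience: v2.0 tokens normally carry the server app's client ID; the
    #    api:// identifier URI form is accepted as well.
    aud = claims.get("aud")
    if aud not in (server_app_client_id, f"api://{server_app_client_id}"):
        findings.append(
            f"aud={aud!r}: scope must be {default_scope(server_app_client_id)}"
        )

    # 3. App role: the [Authorize] policy requires it in the 'roles' claim.
    roles = claims.get("roles") or []
    if required_role not in roles:
        findings.append(f"roles={roles!r}: missing app role {required_role!r}")

    return findings


def make_sample_token(claims: dict[str, Any]) -> str:
    """Build a constructed JWT with a dummy signature for offline demonstration."""
    def enc(obj: Any) -> str:
        raw = json.dumps(obj, separators=(",", ":")).encode()
        return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()

    header = {"alg": "RS256", "typ": "JWT"}  # shape of a real Entra token header
    return f"{enc(header)}.{enc(claims)}.placeholder-signature"


if __name__ == "__main__":
    print("token endpoint:", token_endpoint(TENANT_ID))
    print("scope:", default_scope(SERVER_APP_CLIENT_ID))
    sample = make_sample_token(
        {"ver": "1.0", "aud": f"api://{SERVER_APP_CLIENT_ID}", "roles": []}
    )
    for finding in inspect_token(sample, SERVER_APP_CLIENT_ID, REQUIRED_ROLE):
        print("-", finding)
```

Paste the access token Postman returns into `inspect_token` to see which checklist item is failing before you retry the MCP connection; a token that passes here but is still rejected points at server-side configuration (authority, audience, role claim type, or the missing `AddAuthorizationFilter()` call) rather than at the token request.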