Azure ML MCP Server
Deploys an MCP server on Azure Container Apps that exposes Azure ML managed online endpoints as tools, enabling AI agents like Azure AI Foundry to invoke machine learning models via natural language.
README
Azure ML MCP Server on Azure Container Apps
Deploy a Model Context Protocol (MCP) server to Azure Container Apps that exposes Azure ML endpoints as tools for AI agents.
π― What This Does
This project creates an MCP server that:
- Runs on Azure Container Apps (serverless, scales to zero)
- Exposes Azure ML managed online endpoints as MCP tools
- Works with Azure AI Foundry agents, Copilot Studio, and any MCP-compatible client
βββββββββββββββββββ βββββββββββββββββββ βββββββββββββββββββ
β AI Foundry ββββββΆβ MCP Server ββββββΆβ Azure ML β
β Agent β MCP β (Container App)βHTTP β Endpoint β
βββββββββββββββββββ βββββββββββββββββββ βββββββββββββββββββ
π Prerequisites
- Azure Subscription with permissions to create resources
- Azure ML Managed Online Endpoint deployed and running
- Azure CLI installed (Install Guide)
- Docker installed for local development and building images
- Python 3.11+ for local testing
π Quick Start
1. Clone and Configure
# Clone the repository
git clone <your-repo-url>
cd <your-repo-folder>
# Copy environment template
cp .env.sample .env # Linux/macOS
copy .env.sample .env # Windows CMD
Copy-Item .env.sample .env # Windows PowerShell
# Edit .env with your Azure ML endpoint details
# Get these from Azure ML Studio > Endpoints > Your endpoint > Consume tab
2. Test Locally
# Create virtual environment
python -m venv .venv
.venv\Scripts\activate # Windows
# source .venv/bin/activate # Linux/Mac
# Install dependencies
pip install -r requirements.txt
# Run the server
python server.py
Test with curl:
curl -X POST http://localhost:8080/mcp/mcp \
-H "Content-Type: application/json" \
-d '{"jsonrpc":"2.0","method":"tools/list","id":1}'
3. Deploy to Azure
Bash (Linux/macOS/WSL)
# Login to Azure
az login
# Create resource group
az group create --name rg-mcp-server --location eastus
# Update parameters with your Azure ML credentials
# Edit infra/main.parameters.bicepparam
# Deploy infrastructure
az deployment group create \
--resource-group rg-mcp-server \
--template-file infra/main.bicep \
--parameters infra/main.parameters.bicepparam
# Get the ACR name from the output
ACR_NAME=$(az deployment group show -g rg-mcp-server -n main --query properties.outputs.acrName.value -o tsv)
# Build and push Docker image
az acr login --name $ACR_NAME
docker build -t $ACR_NAME.azurecr.io/mcp-server:latest .
docker push $ACR_NAME.azurecr.io/mcp-server:latest
# Restart the container app to pull the new image
az containerapp update \
--name mcp-server \
--resource-group rg-mcp-server
PowerShell (Windows)
# Login to Azure
az login
# Create resource group
az group create --name rg-mcp-server --location eastus
# Update parameters with your Azure ML credentials
# Edit infra/main.parameters.bicepparam
# Deploy infrastructure
az deployment group create `
--resource-group rg-mcp-server `
--template-file infra/main.bicep `
--parameters infra/main.parameters.bicepparam
# Get the ACR name from the output
$ACR_NAME = az deployment group show -g rg-mcp-server -n main --query properties.outputs.acrName.value -o tsv
# Build and push Docker image
az acr login --name $ACR_NAME
docker build -t "$ACR_NAME.azurecr.io/mcp-server:latest" .
docker push "$ACR_NAME.azurecr.io/mcp-server:latest"
# Restart the container app to pull the new image
az containerapp update `
--name mcp-server `
--resource-group rg-mcp-server
4. Get Your MCP Endpoint
az deployment group show \
--resource-group rg-mcp-server \
--name main \
--query properties.outputs.mcpEndpoint.value -o tsv
Your MCP endpoint will be: https://<your-app>.azurecontainerapps.io/mcp/mcp
π€ Connect to Azure AI Foundry
- Go to Azure AI Foundry
- Navigate to your project > Agent > Tools
- Click + New tool > MCP Tool
- Configure:
- Name:
AzureMLScoring(or your preferred name) - Server URL:
https://<your-app>.azurecontainerapps.io/mcp/mcp - Auth Type: None (the app uses managed secrets internally)
- Name:
- Save and test the tool in your agent
π Project Structure
βββ server.py # MCP server with Azure ML tool
βββ requirements.txt # Python dependencies
βββ Dockerfile # Container image definition
βββ .env.sample # Environment variables template
βββ .gitignore # Git ignore rules
βββ .dockerignore # Docker build exclusions
βββ infra/
βββ main.bicep # Azure infrastructure definition
βββ main.parameters.bicepparam # Deployment parameters
π§ Customizing the Tool
β οΈ Important: The example code is configured for an abitrary forecasting model. You must modify
server.pyto match your own Azure ML model's expected input schema (column names, data types) and output format.
Edit server.py to modify the MCP tool:
- Change the function parameters to match your model's inputs
- Update the DataFrame columns to match your model's expected schema
- Modify the docstring to describe your tool accurately (this is what AI agents see)
@mcp.tool()
def invoke_azure_ml_endpoint(
# Change these parameters to match your model's inputs
your_param_1: float,
your_param_2: str,
) -> float:
"""
Update this docstring to describe your tool - AI agents use this to understand
when and how to call your tool.
"""
# Modify the DataFrame columns to match your model's expected schema
df = pd.DataFrame(
[[float(your_param_1), your_param_2]],
columns=["YourColumn1", "YourColumn2"] # Change to your model's column names
)
# The payload structure may need adjustment - test your model in the
# Azure ML Studio 'Test' tab to see the expected format
data = {"input_data": df.to_dict(orient='split')}
# ... rest of the function
π Troubleshooting
421 Misdirected Request Error
If you see this error in logs, ensure you have DNS rebinding protection disabled:
from mcp.server.fastmcp import FastMCP
from mcp.server.transport_security import TransportSecuritySettings
mcp = FastMCP(
"your-server-name",
stateless_http=True,
transport_security=TransportSecuritySettings(enable_dns_rebinding_protection=False)
)
See: GitHub Issue #1798
Container Not Starting
Check logs:
az containerapp logs show \
--name mcp-server \
--resource-group rg-mcp-server \
--follow
Azure ML Endpoint Errors
Verify your endpoint is accessible:
curl -X POST $AML_SCORE_URL \
-H "Authorization: Bearer $AML_API_KEY" \
-H "Content-Type: application/json" \
-d '{"input_data": {"columns": ["col1"], "data": [[1]]}}'
π Resources
- Model Context Protocol
- FastMCP Documentation
- Azure Container Apps
- Azure ML Managed Endpoints
- Azure AI Foundry
β οΈ Production Considerations
This sample is designed for learning and prototyping. Before deploying to production, consider the following:
π Authentication & Authorization
- No endpoint authentication: The MCP endpoint is publicly accessible. For production, consider:
- Azure Container Apps authentication (Easy Auth)
- API key validation in your application code
- Azure API Management as a gateway
- OAuth 2.0 / Microsoft Entra ID integration
π Network Security
- Public ingress: The Container App is exposed to the internet. For enterprise scenarios, consider:
- VNet integration for private networking
- Private endpoints to restrict access
- Network Security Groups (NSGs) to control traffic
- Connecting to Azure ML endpoints via private endpoints
π Secrets Management
- Inline secrets: Secrets are stored directly in Container Apps configuration. For production:
- Use Azure Key Vault with managed identity
- Rotate secrets regularly
- Avoid storing secrets in parameter files (use Azure DevOps/GitHub secrets for CI/CD)
π Monitoring & Observability
- Basic logging only: Consider adding:
- Application Insights for distributed tracing
- Custom metrics for model inference latency and error rates
- Alerting for failures and performance degradation
ποΈ Infrastructure
- Single region: This sample deploys to one region. For high availability:
- Deploy to multiple regions with traffic manager
- Consider Azure Front Door for global load balancing
- Implement health probes and failover strategies
π‘οΈ Additional Enterprise Requirements
- CORS: Currently allows all origins (
*). Restrict to specific domains in production. - Rate limiting: No rate limiting configured. Consider API Management or application-level throttling.
- Compliance: Ensure deployment meets your organization's compliance requirements (SOC 2, HIPAA, etc.)
π License
MIT License - See LICENSE for details.
Recommended Servers
playwright-mcp
A Model Context Protocol server that enables LLMs to interact with web pages through structured accessibility snapshots without requiring vision models or screenshots.
Magic Component Platform (MCP)
An AI-powered tool that generates modern UI components from natural language descriptions, integrating with popular IDEs to streamline UI development workflow.
Audiense Insights MCP Server
Enables interaction with Audiense Insights accounts via the Model Context Protocol, facilitating the extraction and analysis of marketing insights and audience data including demographics, behavior, and influencer engagement.
VeyraX MCP
Single MCP tool to connect all your favorite tools: Gmail, Calendar and 40 more.
graphlit-mcp-server
The Model Context Protocol (MCP) Server enables integration between MCP clients and the Graphlit service. Ingest anything from Slack to Gmail to podcast feeds, in addition to web crawling, into a Graphlit project - and then retrieve relevant contents from the MCP client.
Kagi MCP Server
An MCP server that integrates Kagi search capabilities with Claude AI, enabling Claude to perform real-time web searches when answering questions that require up-to-date information.
E2B
Using MCP to run code via e2b.
Neon Database
MCP server for interacting with Neon Management API and databases
Exa Search
A Model Context Protocol (MCP) server lets AI assistants like Claude use the Exa AI Search API for web searches. This setup allows AI models to get real-time web information in a safe and controlled way.
Qdrant Server
This repository is an example of how to create a MCP server for Qdrant, a vector search engine.