Azure API Management (MCP server)
Type: low-code · Vendor: Microsoft Azure · Language: proprietary · License: proprietary · Status: active · Status in practice: emerging · First released: 2025-05-19
Azure API Management exposes a managed REST API as a remote MCP server, turning selected API operations one-to-one into agent-callable tools and applying API Management policies to govern every tool call.
Description. Azure API Management can expose a REST API it manages as a remote Model Context Protocol server through its built-in AI gateway. A developer selects one or more API operations to expose as tools that MCP clients call over the MCP protocol. API Management policies apply to all operations exposed as tools, so the same gateway controls access, authentication, and rate limiting for the MCP server. Agents such as GitHub Copilot, Semantic Kernel, or Copilot Studio call the hosted MCP endpoint.
Agent loop shape. A developer selects API operations from a managed REST API to expose as MCP tools, and API Management creates an MCP server with a server URL. An MCP client agent adds that server and calls the tools over the MCP protocol; on each call the AI gateway evaluates the policies configured at global and MCP-server scope, applying access control, authentication, and rate limiting before forwarding the request to the backend API.
Primary use cases
- exposing managed REST APIs as MCP servers
- one-to-one mapping of API operations to agent tools
- policy-governed access control over agent tool calls
- rate limiting and authentication for MCP tools
Key concepts
- AI gateway → mcp (docs) — The built-in API Management capability that fronts the exposed API as an MCP server and applies the gateway's existing access, authentication, and traffic controls to MCP tool traffic.
- Tools (exposed API operations) → direct-api-wrapper (docs) — Each selected REST API operation becomes one MCP tool; the set of exposed operations is managed in the MCP server's Tools blade and can be changed after creation.
- Policy scopes (global and MCP-server) → policy-as-code-gate (docs) — API Management policies attach at multiple scopes; the global (all-APIs) scope is evaluated before the per-MCP-server scope, so an organisation-wide rule and a server-specific rule both apply to each tool call.
Patterns this low-code implements —
- ★★Model Context Protocol
API Management hosts the API as a remote MCP server through its built-in AI gateway, giving agents a standard MCP endpoint (Server URL) to discover and call the exposed operations as tools.
- ★Direct API Wrapper
Azure API Management exposes a managed REST API as an MCP server by turning selected API operations one-to-one into agent-callable MCP tools.
- ★★Rate Limiting
API Management policies apply to all operations exposed as tools, letting the gateway cap calls to the MCP server's tools — for example five calls per 30 seconds per IP address — alongside access and…
- ★Policy-as-Code Gate
Every MCP tool call passes through API Management's XML policies, configured at global and MCP-server scope and evaluated before the request reaches the backend, so access, authentication, and other…
Neighbourhood
Click any neighbour to follow the lineage. Scroll to zoom, drag to pan.
Alternatives & relatives
- full-code · framework
Stainless (API MCP server architecture)
Both turn an existing REST API into agent-callable MCP tools; Stainless generates an MCP server from an OpenAPI spec, while API Management exposes an already-managed API through its gateway.
- full-code · framework
Open Policy Agent (OPA)
API Management evaluates its own XML policies inline; teams that want a separate, language-neutral policy decision point can pair the gateway with an external engine like OPA for authorization decisi…
References
Provenance
- Last analyzed:
- Last updated:
- Verification status: partial