itinai content

←back to Blog

Microsoft Brings MCP to Azure Logic Apps (Standard) in Public Preview, Turning Connectors into Agent Tools

Microsoft Brings MCP to Azure Logic Apps (Standard) in Public Preview, Turning Connectors into Agent Tools

Understanding the Target Audience

The primary audience for this update includes IT professionals, developers, and business managers who utilize Azure Logic Apps for workflow automation. Their pain points often revolve around the complexity of integrating various systems, ensuring secure access to workflows, and maintaining operational efficiency. Their goals include streamlining processes, enhancing productivity, and leveraging existing tools to create more efficient workflows. They are interested in technical specifications, integration capabilities, and best practices for implementation. Communication preferences lean towards detailed technical documentation, tutorials, and community forums for peer support.

Overview of the MCP Public Preview

Microsoft has released a public preview that enables Azure Logic Apps (Standard) to function as Model Context Protocol (MCP) servers. This allows Logic Apps workflows to be exposed as agent tools that can be discovered and called by MCP-capable clients, such as Visual Studio Code with Copilot.

Key Features of the Release

  • Remote MCP server on Logic Apps (Standard): Configure a Standard logic app to host an MCP endpoint (/api/mcp) and expose HTTP Request/Response workflows as tools. Authentication is managed by Easy Auth, with MCP endpoints defaulting to OAuth 2.0.
  • API Center registration path (preview): Create and register MCP servers in Azure API Center, where selected managed connector actions become tools with cataloging and governance.

Technical Specifications

Key requirements and transport details include:

  • Workflow shape: Tools must be implemented as an HTTP Request trigger («When a HTTP request is received») plus a Response action.
  • Authentication & access control: MCP uses OAuth 2.0 by default, with Easy Auth enforcing client, identity, and tenant restrictions. App Service authentication must allow unauthenticated requests, as the MCP flow still performs OAuth.
  • Transports: Streamable HTTP works out of the box, while Server-Sent Events (SSE) requires VNET integration and specific settings.
  • Enablement switch: MCP APIs are enabled by adding extensions.workflow.McpServerEndpoints.enable=true in host.json.

API Center Path Limitations

When creating MCP servers via API Center backed by Logic Apps, the current preview imposes several limitations:

  • Start with an empty Standard logic app resource.
  • One connector per MCP server.
  • Built-in service-provider and custom connectors are not supported; only managed connectors are allowed.
  • One action per tool.

Why Standard Logic Apps?

Standard Logic Apps run on a single-tenant runtime (on Azure Functions), supporting multiple workflows per app and direct integration with virtual networks and private endpoints. This setup is crucial for safely exposing private systems to agents while ensuring predictable throughput and latency. In contrast, Consumption Logic Apps are multitenant, support a single workflow per app, and operate on a pay-per-execution model.

Tooling Semantics and Discoverability

To enhance agent tool selection and invocation reliability, Microsoft recommends adding trigger descriptions, parameter schemas, and required markers. These annotations are read by MCP clients and influence calling behavior.

Operations, Governance, and Testing

Run history, along with Application Insights and Log Analytics, are available for diagnostics and auditability. VS Code provides quick client validation via MCP: Add Server, which includes OAuth sign-in and tool enumeration. Registering via API Center facilitates discovery and governance of MCP servers across teams.

Production Notes

For production use, note that:

  • SSE requires both VNET and the cross-worker setting; without these, use streamable HTTP.
  • Easy Auth must be configured precisely, including the «allow unauthenticated» toggle, or client sign-in flows may fail despite OAuth expectations.
  • Throttling, idempotency, and schema versioning remain the user’s responsibility when wrapping connectors as tools.

Conclusion

The public preview effectively enables MCP for Logic Apps (Standard), allowing users to expose HTTP-based workflows as OAuth-protected tools. Users can catalog these tools in the API Center and access private systems through single-tenant networking. For teams already invested in Logic Apps, this presents a low-friction, standards-aligned approach to operationalizing enterprise agent tooling, while being mindful of API Center limits, SSE prerequisites, and Easy Auth configurations during rollout.

For more details, visit the official documentation.

Image Resources

External illustration