What Is the Azure MCP Server?
Microsoft publishes two official MCP (Model Context Protocol) servers that connect AI coding agents to Azure. The Azure MCP Server handles infrastructure: Storage, Cosmos DB, Monitor, Kubernetes, Container Apps, and deployment. The Azure DevOps MCP Server handles project management: work items, pipelines, repos, wikis, and test plans.
Both servers run on your local machine. Your Azure credentials stay local, authenticated through the same az login you already use. The MCP protocol translates natural language requests from your AI agent into Azure API calls, with access controlled by your existing Azure RBAC permissions.
Two Servers, One Workflow
The Azure MCP Server and Azure DevOps MCP Server are separate packages with different scopes. You can run both simultaneously in the same AI client. The infrastructure server manages cloud resources. The DevOps server manages project artifacts. Together they cover the full Azure development lifecycle.
Supported Azure Services
The Azure MCP Server exposes tools for interacting with Azure services through your AI agent. Each tool category maps to a specific Azure service, and all operations go through your existing Azure RBAC permissions.
| Service | Key Tools | What You Can Do |
|---|---|---|
| Azure Blob Storage | Container + blob CRUD, read/upload | Create containers, upload files, list and read blobs, delete objects |
| Azure Cosmos DB | Container + item CRUD, SQL queries | Create databases/containers, read/write/query items with SQL, manage throughput |
| Azure Monitor | KQL queries, workspace listing | Run KQL queries against Log Analytics, list workspaces and tables, view activity logs |
| Azure Kubernetes (AKS) | Cluster listing, config retrieval | List and get AKS cluster details, retrieve cluster configurations and status |
| Azure Container Apps | App management, log retrieval | Manage Container Apps, fetch deployment logs, check application status |
| Azure App Configuration | Key-value CRUD | Read, write, and delete configuration key-value pairs across environments |
| Azure Deploy (azd) | Deploy + log tools | Deploy apps with Azure Developer CLI, fetch post-deployment logs for troubleshooting |
| Azure CLI | General az commands | Run Azure CLI commands through the agent for services not covered by dedicated tools |
The tool set continues to grow. Microsoft merges the Azure MCP Server into the broader microsoft/mcp repository on GitHub, and new service integrations ship regularly. The server auto-updates when you use npx -y @azure/mcp@latest.
Installation and Authentication
Prerequisites
- Node.js 20+ (required for both MCP servers)
- Azure CLI installed and authenticated (
az login) - Azure subscription with appropriate RBAC permissions
Install the Azure MCP Server
You can run the server on demand with npx or install it globally for faster startup.
On-demand (recommended)
npx -y @azure/mcp@latest server startGlobal install
npm install -g @azure/mcp@latest
azure-mcp-server startInstall the Azure DevOps MCP Server
On-demand with organization name
npx -y @azure-devops/mcp your-org-nameAuthentication
Both servers use DefaultAzureCredential from the Azure Identity SDK. This means they automatically discover credentials from whichever method you have configured, tried in this order:
- Environment variables (service principal credentials)
- Managed identity (when running in Azure)
- Azure CLI (
az login, most common for local development) - Visual Studio / VS Code (signed-in accounts)
- Interactive browser (fallback)
For most developers, az login is all you need. The server picks up your active session and uses your account's RBAC permissions to authorize every operation.
Security Model
The MCP servers run locally. Credentials never leave your machine. Every Azure API call respects your RBAC assignments, so the agent can only do what your account can do. All operations are logged to an audit://azure-operations resource for traceability.
Configuration for AI Clients
Claude Code
Add the Azure MCP Server to Claude Code with a single command. This registers it as a local MCP server available in agent mode.
Add Azure MCP Server to Claude Code
# Azure infrastructure server
claude mcp add azure-mcp -- npx -y @azure/mcp@latest server start
# Azure DevOps server (replace with your org name)
claude mcp add azure-devops -- npx -y @azure-devops/mcp contosoCursor
Add the server in Cursor Settings > Tools & Integrations > New MCP Server, or edit ~/.cursor/mcp.json directly for global availability.
~/.cursor/mcp.json
{
"mcpServers": {
"azure-mcp": {
"command": "npx",
"args": ["-y", "@azure/mcp@latest", "server", "start"]
},
"azure-devops": {
"command": "npx",
"args": ["-y", "@azure-devops/mcp", "contoso"]
}
}
}VS Code with GitHub Copilot
Create a .vscode/mcp.json file in your project root. VS Code supports input prompts for dynamic values like organization names.
.vscode/mcp.json
{
"inputs": [
{
"id": "ado_org",
"type": "promptString",
"description": "Azure DevOps organization name"
}
],
"servers": {
"azure-mcp": {
"type": "stdio",
"command": "npx",
"args": ["-y", "@azure/mcp@latest", "server", "start"]
},
"azure-devops": {
"type": "stdio",
"command": "npx",
"args": ["-y", "@azure-devops/mcp", "${input:ado_org}"]
}
}
}Visual Studio 2026
The Azure MCP Server is built into Visual Studio 2026 with no separate installation required. It ships as a generally available feature with native integration into Copilot agent mode.
Azure DevOps MCP Server
The Azure DevOps MCP Server is a separate package from Microsoft that gives AI agents access to your Azure DevOps organization. It covers nine domains and runs locally, so project data stays on your machine.
Work Items
Create and update Epics, Features, Stories, and Tasks. Query work items with WIQL. Manage comments, attachments, and links between items.
Pipelines
Queue, cancel, and retry builds. List pipeline runs and download build logs. Monitor pipeline status from your editor.
Repositories
List repos in a project, browse file contents, get branch/ref information, and read repository statistics without switching context.
Test Plans
Create and manage test plans and suites. Add test cases, assign them to suites, and fetch test results programmatically.
Wiki & Search
Read and search wiki pages. Run cross-project code and work item searches directly from your AI agent.
Advanced Security
Query security alerts, review code scanning results, and manage vulnerability findings from Azure DevOps Advanced Security.
| Domain | Key Operations | Auth Method |
|---|---|---|
| Work Items | Create, update, query (WIQL), comments, attachments | Azure CLI / PAT |
| Pipelines | Queue, cancel, retry, list runs, download logs | Azure CLI / PAT |
| Repositories | List, browse files, get refs, read stats | Azure CLI / PAT |
| Test Plans | Create plans/suites, add test cases, get results | Azure CLI / PAT |
| Wiki | Read pages, search content | Azure CLI / PAT |
| Search | Code search, work item search across projects | Azure CLI / PAT |
| Advanced Security | Query alerts, review scanning results | Azure CLI / PAT |
Cloud MCP Server Comparison
All three major cloud providers now ship official MCP servers. The breadth of coverage varies significantly.
| Feature | Azure MCP | AWS MCP | GCP MCP |
|---|---|---|---|
| Official servers | 2 (Azure + DevOps) | 60+ | ~10 |
| Repository | github.com/microsoft/mcp | github.com/awslabs/mcp | github.com/googleapis/gcloud-mcp |
| Auth method | DefaultAzureCredential (CLI, MI, SP) | IAM credentials | gcloud CLI / ADC |
| IDE integration | VS 2026 built-in, VS Code, Cursor | VS Code, Cursor | VS Code, Cursor |
| Project management | Azure DevOps MCP (work items, pipelines) | No official equivalent | No official equivalent |
| Database tools | Cosmos DB (SQL queries, CRUD) | DynamoDB, RDS | BigQuery, Spanner |
| Storage tools | Blob Storage (container + blob CRUD) | S3 (bucket + object ops) | GCS (bucket + object ops) |
| Monitoring | Log Analytics (KQL queries) | CloudWatch | Cloud Logging |
| Audit logging | Built-in audit resource | CloudTrail | MCP interaction logging |
| License | MIT | Apache 2.0 | Apache 2.0 |
AWS has the broadest coverage with 60+ servers spanning its entire product catalog. Azure has deeper integration with developer tooling through Visual Studio 2026 and Azure DevOps. GCP has the smallest server count but includes granular read-only/read-write controls and comprehensive logging.
For teams running Azure DevOps for project management, the Azure DevOps MCP Server is the clear differentiator. No other cloud provider ships an official MCP server for work items, pipelines, and test management.
Use Cases
Production Log Triage
Ask your agent to query Log Analytics for error spikes. It runs KQL queries against your workspace, surfaces relevant log entries, and correlates them with recent deployments. No need to switch to the Azure Portal.
Database Operations
Create Cosmos DB containers, run SQL queries, and manage items through natural language. Your agent handles the API calls while you focus on the query logic. Useful for data exploration and schema prototyping.
Sprint Planning from Your Editor
With the DevOps MCP Server, create and assign work items, break down features into tasks, and update story points without leaving your coding environment. Agents can read existing items for context.
Deployment Troubleshooting
After running azd up, the deploy tools fetch logs from Container Apps, App Services, and Function Apps. Your agent reads the logs and suggests fixes without manual log diving.
Infrastructure Inventory
List AKS clusters, Storage accounts, and Cosmos DB databases across subscriptions. Get cluster status, node counts, and configuration details through conversational queries.
CI/CD Pipeline Management
Queue builds, check pipeline status, download logs from failed runs, and retry builds from your AI agent. Especially useful during code review when you need to verify build results.
WarpGrep + Azure MCP: Code and Infrastructure in One Agent
The Azure MCP Server gives your agent access to infrastructure. WarpGrep gives it access to your codebase. Running both MCP servers together creates an agent that understands your code and the cloud environment it runs in.
Practical example: you ask "why is the checkout endpoint slow?" WarpGrep finds the relevant handler code and its database queries. The Azure MCP Server queries Log Analytics for latency metrics on that endpoint. The agent correlates slow Cosmos DB queries in the code with actual performance data from production, and suggests both a code fix and a throughput adjustment.
This is the compound effect of MCP servers. Each server adds a capability. Together they give the agent enough context to reason across layers of your stack, from source code to infrastructure metrics.
WarpGrep MCP Server
Semantic codebase search across your entire repository. Finds code by meaning, not keywords. 8 parallel tool calls per turn for fast context gathering.
Azure MCP Server
40+ tools for Azure infrastructure management. Query logs, manage databases, check cluster status, and deploy applications through natural language.
Frequently Asked Questions
What is the Azure MCP Server?
Microsoft's official implementation of the Model Context Protocol for Azure services. It lets AI coding agents interact with Azure Storage, Cosmos DB, Monitor, Kubernetes, Container Apps, and deployment tooling through natural language. It runs locally, authenticates via Azure CLI or managed identity, and works with Claude Code, Cursor, VS Code, and Visual Studio 2026.
How do I install the Azure MCP Server?
Run npx -y @azure/mcp@latest server start for on-demand usage, or npm install -g @azure/mcp@latest for a global install. You need Node.js 20+ and must be signed into Azure with az login.
What is the difference between Azure MCP Server and Azure DevOps MCP Server?
The Azure MCP Server connects to Azure cloud infrastructure (Storage, Cosmos DB, Monitor, AKS). The Azure DevOps MCP Server connects to Azure DevOps project management (work items, pipelines, repositories, wikis, test plans). They are separate npm packages that can run simultaneously in the same AI client.
Does the Azure MCP Server work with Claude Code?
Yes. Run claude mcp add azure-mcp -- npx -y @azure/mcp@latest server start to register it. For Azure DevOps, use claude mcp add azure-devops -- npx -y @azure-devops/mcp your-org-name. Both work in Claude Code's agent mode once registered.
Is the Azure MCP Server secure?
The server runs locally and never sends credentials to external services. Every operation respects your Azure RBAC permissions. All API calls are logged to an audit resource. Credentials are managed through the official Azure Identity SDK, not stored or cached by the MCP server itself.
Can I use a service principal instead of Azure CLI?
Yes. Set the AZURE_CLIENT_ID, AZURE_TENANT_ID, and AZURE_CLIENT_SECRET environment variables. The DefaultAzureCredential chain picks these up automatically. This is the recommended approach for CI/CD pipelines and shared environments.
Which Azure services are supported?
As of March 2026: Blob Storage, Cosmos DB, Monitor (Log Analytics), Azure Kubernetes Service, Container Apps, App Configuration, deployment tooling (azd), and general Azure CLI passthrough. The tool set expands with each release.
Related Pages
Add Semantic Code Search to Your Azure Workflow
WarpGrep's MCP server indexes your codebase and runs alongside Azure MCP. Your agent searches code by meaning while querying Azure infrastructure. One agent, full stack context.