New in MCP Specification 2025-11-25: Experimental support for Tasks (long-running operations with progress tracking), Tool Annotations (metadata about tool behavior for safety), URL Mode Elicitation (requesting specific URL content from clients), and enhanced Roots (workspace context management). See the MCP Specification changelog for full details.
Learning objectives
By the end of this module, you will be able to:- Implement multi-modal capabilities within MCP frameworks
- Design scalable MCP architectures for high-demand scenarios
- Apply security best practices aligned with MCP’s security principles
- Integrate MCP with enterprise AI systems and frameworks
- Optimize performance and reliability in production environments
Lessons in this module
5.1 Azure Integration
Integrate your MCP server with Azure services
5.2 Multi-modal samples
Audio, image, and multi-modal response examples
5.3 OAuth2 demo
Spring Boot OAuth2 as Authorization and Resource Server
5.4 Root contexts
Workspace context management with Roots
5.5 Routing
Request routing strategies across tools and servers
5.6 Sampling
Work with MCP sampling for model-driven decisions
5.7 Scaling
Horizontal and vertical scaling approaches
5.8 Security
Secure your MCP server end-to-end
5.9 Web search
Python server + SerpAPI for real-time web search
5.10 Real-time streaming
Real-time data streaming over MCP
5.11 Real-time web search
Standardized real-time web search with MCP
5.12 Entra ID authentication
Microsoft Entra ID for MCP server auth
5.13 Azure AI Foundry agents
Integrate MCP servers with Azure AI Foundry agents
5.14 Context engineering
Context optimization and dynamic context management
5.15 Custom transport
Implement custom transport mechanisms
5.16 Protocol features deep dive
Progress notifications, cancellation, resource templates, error patterns
Key topic areas
Multi-modal integration
MCP extends beyond text processing to support image, audio, and video models. Multi-modal implementations:- Standardize prompt formats across different modalities
- Enable cross-modal reasoning in a single protocol session
- Allow AI agents to process screenshots, audio transcripts, and structured data alongside text
Scalability
Enterprise deployments need to handle varying loads without degrading performance. MCP supports:- Horizontal scaling — multiple server instances behind a load balancer
- Vertical scaling — optimizing a single server instance’s resource usage
- Stateless design — enabling scale-out without sticky sessions
- Caching — reducing redundant computation for repeated requests
Security best practices
MCP’s security model is built around explicit user consent, minimal privilege, and defense-in-depth:Authentication
Authentication
Require proper authentication before granting access to tools, resources, or sensitive operations. Use API keys, OAuth tokens, or Microsoft Entra ID for enterprise deployments.Lesson 5.12 covers Entra ID authentication in depth, showing how to configure cloud-based identity and access management for your MCP server.
Authorization
Authorization
Input validation
Input validation
Validate all tool invocation parameters before execution. Reject malformed or malicious input before it reaches tool implementations.
Rate limiting
Rate limiting
Implement rate limiting to prevent abuse and ensure fair usage. Lesson 5.8 demonstrates rate limiting patterns for MCP servers.
Audit logging
Audit logging
Log all tool invocations, resource accesses, and authentication events for compliance and debugging. Azure Monitor integrates directly with MCP server deployments.
Enterprise integration
MCP integrates with enterprise AI systems through standardized interfaces:- Azure OpenAI — connect enterprise LLMs to your MCP tools and resources
- Azure AI Foundry — orchestrate multi-agent workflows with standardized tool access (lesson 5.13)
- Microsoft Entra ID — enterprise identity and access management (lesson 5.12)
- Azure API Management — gateway for remote MCP server deployments
OAuth2 with MCP
Lesson 5.3 demonstrates a minimal Spring Boot application that implements OAuth2 with MCP as both an Authorization Server and a Resource Server. The sample covers:- Secure token issuance and validation
- Protected MCP endpoint configuration
- Azure Container Apps deployment
- API Management integration
Real-time streaming
Lesson 5.10 covers real-time data streaming — critical for applications that require immediate access to information. You’ll learn how MCP standardizes streaming context management across AI models and applications.Web search integration
Lesson 5.9 builds a Python MCP server and client that integrates with SerpAPI for real-time web, news, product search, and Q&A. It demonstrates:- Multi-tool orchestration in a single session
- External API integration patterns
- Robust error handling for unreliable external sources
Exercise
Design an enterprise-grade MCP implementation for a specific use case:- Identify multi-modal requirements for your use case
- Outline the security controls needed to protect sensitive data
- Design a scalable architecture that handles varying load
- Plan integration points with enterprise AI systems
- Document potential performance bottlenecks and mitigation strategies
Additional resources
MCP Specification
Full protocol specification (2025-11-25)
OWASP MCP Top 10
Security risks and mitigations for MCP
Azure OpenAI documentation
Connect enterprise LLMs to your MCP tools
Microsoft AI Foundry
Orchestrate multi-agent AI workflows
Key takeaways
- Multi-modal MCP implementations extend AI capabilities beyond text processing
- Scalability requires thoughtful architecture choices — both horizontal and vertical approaches are valid
- Comprehensive security measures, including authentication, authorization, and rate limiting, are non-negotiable for production
- Enterprise integration with Azure OpenAI and Azure AI Foundry significantly extends MCP capabilities
- Advanced MCP implementations benefit from optimized architectures and careful resource management
Next: Community Contributions
Learn how to contribute to the MCP ecosystem
Back: Practical Implementation
Review SDKs, pagination, and Azure deployment