Blog Post
Smart AI Integration with the Model Context Protocol (MCP) ... part 5
Sure discuss here - its just these forums seem a bit clunky :-) for a lot of dialogue.
Not seen any proposal in the C#SDK. To validate a key passed in the http payload is just standard .NET coding ... i dont think it would be needed in the SDK.
thx,
this is my code in the client:
// Add HTTP client transport for MCP server (adjust the URL as needed)
var transport_http = new SseClientTransport(
new SseClientTransportOptions
{
Endpoint = new Uri("http://localhost:7071/"), // Replace with your MCP server's HTTP endpoint
Name = "MCP SSE Server",
OAuth = new()
{
ClientId = config["Identity:ClientId"],
ClientSecret = config["Identity:ClientSecret"],
// TenantId = config["Identity:TenantId"],
Scopes = [config["Identity:ScopeName"]],
RedirectUri = new Uri("http://localhost:7071/signin-oidc"), // Adjust as needed
// AuthorizationRedirectDelegate = HandleAuthorizationUrlAsync,
// Authority = $"https://login.microsoftonline.com/{config["Identity:TenantId"]}/v2.0"
}
}
);
IMcpClient mcpClient = await McpClientFactory.CreateAsync(transport_http);
var tools = await mcpClient.ListToolsAsync();
I was hoping that I could authenticate with clientId/Secret this way, but this wont work.
If I get you right you would suggest to leave away the OAuth structure, but creating and connectin the client this way, how would I pass a token between client and server using the mcp sdk?
Any suggestion?
Thx
Markus
- Mark Harrison (UK)Jul 24, 2025
Microsoft
yes - im thinking OAUTH is not the way to go .
isn't it something like ... (ive not tried it - but if I was tweak the code at ColorsMCP/MCPClient/Program.cs at main · markharrison/ColorsMCP )
var payload = new Dictionary<string, object?>()
{
["name"] = "Red"
};// Add key
payload["Key"] = "KeyValue";var result = await client.CallToolAsync(
"GetColor",
payload,
cancellationToken: CancellationToken.None);You (obviously) would want to get the key from configuration or something like keyvault ... rather than hard-coding in the source code.
- mbuchberger1967Jul 29, 2025Copper Contributor
Hi Mark,
this doesnt work. my tools are called by the LLM, and the LLM cannot pass secrets to the tool in a reliable or safe manner. I need something when I call McpClientFactory.CreateAsync() to check an api key or secret....
But I cannot find a way there to customize anything. - mbuchberger1967Jul 29, 2025Copper Contributor
thank you, good idea!
I patched the mcp csharp sdk to implement a client-credential-flow, but this would need changes in the SDK. your idea is much simpler and straight forward!- mbuchberger1967Jul 29, 2025Copper Contributor
Hi Mark,
this doesnt work. my tools are called by the LLM, and the LLM cannot pass secrets to the tool in a reliable or safe manner. I need something when I call McpClientFactory.CreateAsync() to check an api key or secret....
But I cannot find a way there to customize anything.