Microsoft
Microsoft
MicrosoftSure discuss here - its just these forums seem a bit clunky :-) for a lot of dialogue.
Not seen any proposal in the C#SDK. To validate a key passed in the http payload is just standard .NET coding ... i dont think it would be needed in the SDK.
thx,
this is my code in the client:
// Add HTTP client transport for MCP server (adjust the URL as needed)
var transport_http = new SseClientTransport(
new SseClientTransportOptions
{
Endpoint = new Uri("http://localhost:7071/"), // Replace with your MCP server's HTTP endpoint
Name = "MCP SSE Server",
OAuth = new()
{
ClientId = config["Identity:ClientId"],
ClientSecret = config["Identity:ClientSecret"],
// TenantId = config["Identity:TenantId"],
Scopes = [config["Identity:ScopeName"]],
RedirectUri = new Uri("http://localhost:7071/signin-oidc"), // Adjust as needed
// AuthorizationRedirectDelegate = HandleAuthorizationUrlAsync,
// Authority = $"https://login.microsoftonline.com/{config["Identity:TenantId"]}/v2.0"
}
}
);
IMcpClient mcpClient = await McpClientFactory.CreateAsync(transport_http);
var tools = await mcpClient.ListToolsAsync();I was hoping that I could authenticate with clientId/Secret this way, but this wont work.
If I get you right you would suggest to leave away the OAuth structure, but creating and connectin the client this way, how would I pass a token between client and server using the mcp sdk?
Any suggestion?
Thx
Markus
Microsoftyes - im thinking OAUTH is not the way to go .
isn't it something like ... (ive not tried it - but if I was tweak the code at ColorsMCP/MCPClient/Program.cs at main · markharrison/ColorsMCP )
var payload = new Dictionary<string, object?>()
{
["name"] = "Red"
};// Add key
payload["Key"] = "KeyValue";var result = await client.CallToolAsync(
"GetColor",
payload,
cancellationToken: CancellationToken.None);
You (obviously) would want to get the key from configuration or something like keyvault ... rather than hard-coding in the source code.
Hi Mark,
this doesnt work. my tools are called by the LLM, and the LLM cannot pass secrets to the tool in a reliable or safe manner. I need something when I call McpClientFactory.CreateAsync() to check an api key or secret....
But I cannot find a way there to customize anything.
thank you, good idea!
I patched the mcp csharp sdk to implement a client-credential-flow, but this would need changes in the SDK. your idea is much simpler and straight forward!
Hi Mark,
this doesnt work. my tools are called by the LLM, and the LLM cannot pass secrets to the tool in a reliable or safe manner. I need something when I call McpClientFactory.CreateAsync() to check an api key or secret....
But I cannot find a way there to customize anything.