Securely integrating MCP tools within Copilot Studio by implementing OAuth 2.0 Authorization Code Flow
Introduction
Modern development workflows increasingly rely on secure integrations between tools and platforms. Copilot Studio, with its ability to extend functionality through MCP (Model Context Protocol) tools, offers developers powerful customization options. However, when these tools need to access sensitive APIs or user-specific data, robust authentication becomes essential.
OAuth 2.0, particularly the Authorization Code Flow, is the industry standard for secure delegated access. It enables applications to obtain tokens on behalf of users without exposing credentials, ensuring compliance with enterprise security policies. In this guide, we’ll walk through how to configure MCP tools in Copilot Studio using OAuth 2.0 Authorization Code Flow — covering prerequisites, configuration steps, token handling, and best practices for a seamless and secure setup.
Disclaimer & Context
This article focuses on configuring an MCP tool within a Copilot Studio agent using OAuth 2.0 Authorization Code Flow. Every environment is unique, so the approach outlined here should be treated as a starting point rather than a one-size-fits-all solution. You can enhance this setup with additional security measures such as app roles, conditional access policies, or by extending the Python code for advanced scenarios.
We assume readers have a basic understanding of Python, MCP concepts, OAuth 2.0 flows, and some familiarity with Copilot Studio. For deeper dives into these individual technologies, refer to the official documentation linked throughout this article.
Please note:
- This solution reflects the state of the technology at the time of writing. Given the fast-paced nature of these platforms, minor adjustments may be required as features evolve.
- MCP tool integration in Copilot Studio is currently a preview feature, so expect changes and improvements over time.
What is Authorization Code Flow?
The Authorization Code Flow is designed for applications that can securely store a client secret (like server-side apps). It allows the app to obtain an access token on behalf of the user without exposing their credentials. This flow uses an intermediate authorization code to exchange for tokens, adding an extra layer of security.
Steps in the Flow
- User Authentication: The user is redirected to the Authorization Server (in this case Azure AD) to log in and grant consent.
- Authorization Code Issued: After successful login, the Authorization Server sends an authorization code to the app via the redirect URI.
- Token Exchange: The app sends the authorization code (plus its client credentials) to the Token Endpoint to obtain an Access Token (for API calls) and a Refresh Token (to renew access without user interaction).
- API Access: The app uses the Access Token to call protected resources.
The diagram below shows the Authorization Code Flow in detail.
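The four steps above, carried through end to end as an added example (not code from the article or from the mcp-server repository). Both parties are modelled in one process so it runs offline: a confidential client playing the role Copilot Studio plays, and a minimal mock of the authorization server playing the role Entra ID plays. The authorize endpoint is the one the article configures later; the redirect URI, client ID, client secret and user are constructed placeholders. The mock shows the checks that make the intermediate code worth having: the code is bound to the client, its registered redirect URI and a PKCE challenge, it is single-use, and the client must present its secret to redeem it.

```python
import base64
import hashlib
import hmac
import secrets
from urllib.parse import parse_qs, urlencode, urlparse

# Authorize endpoint as configured in the article; redirect URI and client values are constructed placeholders.
AUTHORIZE_URL = "https://login.microsoftonline.com/common/oauth2/v2.0/authorize"
REDIRECT_URI = "https://example.invalid/oauth/callback"


def s256_challenge(verifier: str) -> str:
    """PKCE: code_challenge = BASE64URL(SHA-256(code_verifier)), unpadded (RFC 7636)."""
    digest = hashlib.sha256(verifier.encode("ascii")).digest()
    return base64.urlsafe_b64encode(digest).rstrip(b"=").decode("ascii")


class ClientApp:
    """The confidential client (the role Copilot Studio plays): it holds a client secret."""

    def __init__(self, client_id, client_secret, redirect_uri, scopes):
        self.client_id, self.client_secret = client_id, client_secret
        self.redirect_uri, self.scopes = redirect_uri, scopes

    def begin(self):
        """Step 1: build the authorize URL. 'state' ties the callback to this session;
        the PKCE verifier ties the later token request to this authorization."""
        state, verifier = secrets.token_urlsafe(16), secrets.token_urlsafe(32)
        params = {"client_id": self.client_id, "response_type": "code",
                  "redirect_uri": self.redirect_uri, "scope": " ".join(self.scopes),
                  "state": state, "code_challenge": s256_challenge(verifier),
                  "code_challenge_method": "S256"}
        return f"{AUTHORIZE_URL}?{urlencode(params)}", state, verifier

    def parse_callback(self, callback_url, expected_state):
        """Step 2: take the code from the redirect; refuse it if 'state' does not match."""
        query = parse_qs(urlparse(callback_url).query)
        if not hmac.compare_digest(query.get("state", [""])[0], expected_state):
            raise ValueError("state mismatch: callback was not started by this session")
        return query["code"][0]

    def token_request(self, code, verifier):
        """Step 3: form body for the token endpoint; the client authenticates with its secret."""
        return {"grant_type": "authorization_code", "client_id": self.client_id,
                "client_secret": self.client_secret, "code": code,
                "redirect_uri": self.redirect_uri, "code_verifier": verifier}


class MockAuthorizationServer:
    """Stand-in for Entra ID, just enough to show what the server checks at each step."""

    def __init__(self, clients):
        self.clients = clients  # client_id -> (client_secret, registered redirect_uri)
        self.codes = {}         # outstanding authorization codes

    def authorize(self, authorize_url, user):
        """The user signs in and consents; a short-lived code goes back via the registered redirect URI."""
        q = {k: v[0] for k, v in parse_qs(urlparse(authorize_url).query).items()}
        _, registered_redirect = self.clients[q["client_id"]]
        if q["redirect_uri"] != registered_redirect or q.get("response_type") != "code":
            raise ValueError("unregistered redirect_uri or unsupported response_type")
        code = secrets.token_urlsafe(24)
        self.codes[code] = {"client_id": q["client_id"], "user": user,
                            "scope": q["scope"], "challenge": q["code_challenge"]}
        return f"{registered_redirect}?{urlencode({'code': code, 'state': q['state']})}"

    def token(self, form):
        """Exchange the code for tokens: check client secret, code ownership, redirect URI and PKCE."""
        secret, registered_redirect = self.clients.get(form["client_id"], (None, None))
        if secret is None or not hmac.compare_digest(secret, form["client_secret"]):
            return {"error": "invalid_client"}
        grant = self.codes.pop(form["code"], None)  # pop: every code is single-use
        if (grant is None or grant["client_id"] != form["client_id"]
                or form["redirect_uri"] != registered_redirect
                or s256_challenge(form["code_verifier"]) != grant["challenge"]):
            return {"error": "invalid_grant"}
        return {"token_type": "Bearer", "scope": grant["scope"],
                "access_token": secrets.token_urlsafe(32),
                "refresh_token": secrets.token_urlsafe(32)}


def run_flow():
    """Drive steps 1-3 end to end; returns the token response and the result of replaying the same code."""
    client = ClientApp("client-id-placeholder", "client-secret-placeholder",
                       REDIRECT_URI, ["openid", "profile", "email"])
    server = MockAuthorizationServer({client.client_id: (client.client_secret, REDIRECT_URI)})
    authorize_url, state, verifier = client.begin()
    callback_url = server.authorize(authorize_url, user="user@example.invalid")
    code = client.parse_callback(callback_url, state)
    form = client.token_request(code, verifier)
    tokens = server.token(form)
    replay = server.token(form)  # the same code presented twice must be refused
    return tokens, replay


if __name__ == "__main__":
    tokens, replay = run_flow()
    print("scope granted:", tokens["scope"], "| replay of the code:", replay)
```

Step 4 (calling the API) is simply sending `Authorization: Bearer <access_token>` to the resource; in the article's setup that check is done by the container app's built-in authentication, not by the MCP server code. The refresh token is what lets the connector renew access later without sending the user back through the login dialog.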
High Level Architecture
High Level Architecture for MCP server as a backend server and Copilot Studio as a front-end client
Develop MCP server in VS Code
Clone the following repository and open in VS Code.
git clone https://github.com/mafzal786/mcp-server.git
Run the following to execute it locally.
cd mcp-server
uv venv
uv sync
uv run mcpserver.py
Deploy MCP Server as Azure Container App
Deploy the MCP server as an Azure Container App by running the following command. It can be deployed in many other ways, such as from VS Code or a CI/CD pipeline; the Azure CLI is used here for simplicity.
az containerapp up \
--resource-group <RESOURCE_GROUP_NAME> \
--name streamable-mcp-server2 \
--environment mcp \
--location <REGION> \
--source .
Configure Authentication for Azure Container App
Sign in to the Azure portal, open the container app, and click “Authentication” as shown below.
For more details, visit the following link: Enable authentication and authorization in Azure Container Apps with Microsoft Entra ID | Microsoft Learn
Click Add Identity Provider as shown.
Select Microsoft from the drop down and leave everything as is as shown below.
This will create a new app registration for the container app. Once set up, it will look as below.
As soon as authentication is configured, the container app becomes inaccessible except via OAuth.
Review App Registration of Container App — Backend
- Visit App registrations and click streamable-mcp-server2 (the name used in this case).
- Click the Authentication tab and verify the Redirect URIs. You should see a redirect URI for the container app; it ends with /.auth/login/aad/callback, as shown in the green box in the screenshot below.
- Now click “Expose an API”. Confirm the Application ID URI is configured with a scope as shown below; its format is api://<client id>.
- Verify API permissions. Make sure you grant admin consent for your tenant as shown below. More scopes can be created depending on the data-access requirements.
Create App Registration for Client App — Copilot Studio
In these steps we configure the app registration for the client app, which in this case is Copilot Studio. This is also shown in the “High Level Architecture” diagram earlier in this article.
- Launch the Azure Portal. Visit App registrations. Click New registration.
- Create a new app registration. Leave the Redirect URL empty for now; we will configure it later, as it is provided by Copilot Studio when configuring the custom MCP connector.
- Click “API permissions” and click “Add a permission”. Click Microsoft Graph and then “Delegated permissions”. Select email, openid and profile as shown below.
- Make sure to grant admin consent; it should look as below.
- Create a secret: click “Certificates & secrets”, then “New client secret”. Store the value, as it will be masked after some time; if that happens, you can always delete it and create a new secret.
- Capture the following, as you will need them when configuring the MCP tool in Copilot Studio.
- Client ID from the Overview tab of the app registration.
- Client secret from the “Certificates & secrets” tab.
- Configure API permissions for the backend, i.e. the app registration of the Azure container app (streamable-mcp-server2 in this case). Click the “API permissions” tab, click “Add a permission”, click the “My APIs” tab as shown below and select streamable-mcp-server2.
Select “Delegated permissions”.
Select the permissions already created when you configured authentication for the Azure container app earlier, then click “Add permission”.
You MUST “Grant admin consent” as the final step. It is very important!!! I can’t emphasize that enough: without it, nothing will work!!!
The end result of this client app registration should look like the figure below.
MCP Tool configuration in Copilot Studio
- Launch Copilot Studio at https://copilotstudio.microsoft.com/. Configuring the environment and agent is beyond the scope of this article; it is assumed you already have an environment set up and an agent created. The following link explains how to create an agent in Copilot Studio: Quickstart: Create and deploy an agent — Microsoft Copilot Studio | Microsoft Learn
- Inside agent configuration, Click “Add tool”.
- Click on New tool.
- Select Model Context Protocol.
- Provide all relevant information for the MCP server. Make sure your server URL ends with your MCP path; in this case it is the Azure container app URL with /mcp at the end. Provide the server name and server description.
Select OAuth 2.0 radio button.
Provide the following in the OAuth 2.0 section:
- Client ID of the client app registration (copilot-studio-client, as configured earlier).
- Client secret of the copilot-studio-client app registration.
- Authorization URL: https://login.microsoftonline.com/common/oauth2/v2.0/authorize
- Token URL template & Refresh URL: https://login.microsoftonline.com/oauth2/v2.0/token
- Scopes: openid, profile, email — the ones we selected earlier under the Microsoft Graph permissions.
- Click “Create”.
This will give you a Redirect URL, which you need to configure in the client app registration (copilot-agent-client in this case).
Configure Redirect URL in Client App Registration
Visit the client app registration, i.e. copilot-studio-client. Click the Authentication tab and provide the Web Redirect URIs as shown below.
Modify MCP connector in PowerApps
Now visit https://make.powerapps.com and open the newly created connector as shown below.
Change the Resource URL to the backend “Application ID URI” found under “Expose an API” in the streamable-mcp-server2 app registration, and add .default to the scope. Provide the secret of the client app registration, as otherwise it will not let you update the connector; this is an extra security measure for updating connectors in Power Apps.
Click Update connector.
CORS Configuration
Congratulations on getting this far!!! We are getting close to making it work!!!
CORS configuration is a MUST!!! Our Azure Container App is a remote MCP server on a totally different domain, i.e. a different origin.
Power Apps and CORS for External Domains — Brief Overview
When embedding or integrating Power Apps with external web applications or APIs, Cross-Origin Resource Sharing (CORS) becomes a critical consideration. CORS is a browser security feature that restricts web pages from making requests to a different domain than the one that served the page, unless explicitly allowed.
Key Points:
- Power Apps hosted on *.powerapps.com or within Microsoft 365 domains will block calls to external APIs unless those APIs include the proper CORS headers.
- The external API must return:
- Access-Control-Allow-Origin: https://apps.powerapps.com (or * for all origins, though not recommended for production)
- Access-Control-Allow-Methods: GET, POST, OPTIONS (or as needed)
- Access-Control-Allow-Headers: Content-Type, Authorization (and any custom headers)
- If the API requires authentication (e.g., OAuth 2.0), ensure preflight OPTIONS requests are handled correctly.
- For scenarios where you cannot modify the external API, consider using:
- Power Automate flows as a proxy
- Azure API Management or Azure Functions to inject CORS headers
- Always validate security implications before enabling wide-open CORS.
If CORS is not set up, you will encounter the following error in Copilot Studio after pressing F12 (browser developer tools):
CORS policy — blocking the container app
Azure Container Apps provides a very efficient way of configuring CORS in the Azure portal.
- Launch the Azure Portal. Visit the Azure container app, i.e. streamable-mcp-server2 in this case.
- Click on CORS under Networking section.
- Configure the following in Allowed Origin Section as shown below. localhost is added to make it work from local laptop, although it is not required for Copilot Studio.
- Click on “Allowed Method” tab and provide the following.
- Provide the wildcard “*” in the “Allowed Headers” tab. Although this is not recommended for production systems, it is done here for simplicity; restrict it for added security.
- Click “Apply”. This will configure CORS for remote application.
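What the portal setting above does on the wire, and what the “Key Points” list earlier asks an API to return, as an added example that is not the article's server code or the Azure Container Apps feature: a small WSGI middleware in front of a stand-in MCP endpoint. It keeps an explicit origin allow-list instead of “*”, answers the browser's preflight OPTIONS request with the allowed methods and headers (and without demanding a token, because browsers send preflights without an Authorization header), and on real requests echoes the matched origin together with Vary: Origin. The origins, the endpoint and the bearer token are constructed; the middleware and the `call` helper are assumptions of this example.

```python
ALLOWED_ORIGINS = {  # constructed allow-list; the portal's "Allowed Origins" tab holds the same kind of list
    "https://apps.powerapps.com",
    "https://copilotstudio.microsoft.com",
    "http://localhost:8000",  # only for local testing, as in the article
}
ALLOWED_METHODS = "GET, POST, OPTIONS"
ALLOWED_HEADERS = "Content-Type, Authorization"  # name the real headers rather than "*"


def cors_headers(origin, allowed_origins=ALLOWED_ORIGINS):
    """Headers to attach when the Origin is on the allow-list; nothing otherwise, so the browser blocks."""
    if origin not in allowed_origins:
        return []
    return [("Access-Control-Allow-Origin", origin), ("Vary", "Origin")]


class CorsMiddleware:
    """WSGI wrapper: handles preflights itself and decorates every other response."""

    def __init__(self, app, allowed_origins=ALLOWED_ORIGINS):
        self.app, self.allowed_origins = app, allowed_origins

    def __call__(self, environ, start_response):
        extra = cors_headers(environ.get("HTTP_ORIGIN"), self.allowed_origins)
        is_preflight = (environ["REQUEST_METHOD"] == "OPTIONS"
                        and "HTTP_ACCESS_CONTROL_REQUEST_METHOD" in environ)
        if is_preflight:
            # Answer before the application (and its token check) sees the request.
            if extra:
                extra += [("Access-Control-Allow-Methods", ALLOWED_METHODS),
                          ("Access-Control-Allow-Headers", ALLOWED_HEADERS),
                          ("Access-Control-Max-Age", "600")]
            start_response("204 No Content", extra)
            return [b""]

        def cors_start_response(status, headers, exc_info=None):
            # Also decorate error responses: a 401 with CORS headers is readable by the
            # caller, while one without is reported as a CORS failure that hides the cause.
            return start_response(status, list(headers) + extra, exc_info)

        return self.app(environ, cors_start_response)


def backend(environ, start_response):
    """Stand-in for the MCP endpoint behind the container app's authentication: needs a bearer token."""
    if not environ.get("HTTP_AUTHORIZATION", "").startswith("Bearer "):
        start_response("401 Unauthorized", [("Content-Type", "text/plain")])
        return [b"token required"]
    start_response("200 OK", [("Content-Type", "application/json")])
    return [b'{"ok": true}']


app = CorsMiddleware(backend)


def call(app, method, path="/mcp", **headers):
    """Run one request against a WSGI app; header kwargs use underscores (origin=, authorization=, ...)."""
    environ = {"REQUEST_METHOD": method, "PATH_INFO": path}
    environ.update({"HTTP_" + name.upper(): value for name, value in headers.items()})
    captured = {}

    def start_response(status, response_headers, exc_info=None):
        captured["status"], captured["headers"] = status, dict(response_headers)

    body = b"".join(app(environ, start_response))
    return captured["status"], captured["headers"], body


if __name__ == "__main__":
    # Preflight from an allowed origin, then the real call with a constructed token.
    print(call(app, "OPTIONS", origin="https://apps.powerapps.com", access_control_request_method="POST")[:2])
    print(call(app, "POST", origin="https://apps.powerapps.com", authorization="Bearer constructed-token")[:2])
    # Same preflight from an origin that is not on the list: no CORS headers come back.
    print(call(app, "OPTIONS", origin="https://other.invalid", access_control_request_method="POST")[1])
```

Two details carry over to the portal configuration: an origin is matched as scheme, host and port, so an entry without the scheme or with the wrong port does not match, and the preflight must succeed before the browser ever sends the authenticated POST, which is why a missing CORS setting surfaces as the blocked-request error shown above rather than as an authentication error.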
Test the connector
We are in the final stages of configuring the connector. It is time to test whether everything is configured correctly and works.
- Launch http://make.powerapps.com and click “Custom connectors”, select your configured connector and click the “5. Test” tab as shown below. If you are running it for the first time, “Selected connection” will be blank. Click “+ New connection”.
- The new connection will launch the authorization flow, and a browser dialog will pop up requesting an authorization code.
Click “Create”.
- Complete the login process. This will create a successful connection.
- Click “Test operation”. A 406 response means everything is configured correctly.
Test MCP Tool in Copilot Studio
Launch Copilot Studio, click the agent you created in the earlier steps and click the “Tools” tab. Select your MCP tool as shown in the following figure.
Make sure it is “Enabled”. If you have other tools attached to the same agent, disable them for now for testing.
Make sure the connection we created while testing the custom connector in the earlier step is available. You can also initiate a fresh connection from the drop-down under “Connection” as shown below.
Refreshing the tools will show all the tools available in this MCP server.
Provide a prompt such as “Give me the stock price of Tesla”. This will trigger the MCP server and call the respective method to fetch the stock price of Tesla.
Now try a weather-related question to see more.
Conclusion
Securing MCP tools in Copilot Studio with OAuth 2.0 Authorization Code Flow is a critical step toward building enterprise-ready integrations. By leveraging this flow, you ensure that user credentials remain protected while enabling delegated access to sensitive APIs and resources.
The approach outlined here provides a solid foundation, but it’s only the beginning. As environments differ, you should evaluate additional security enhancements such as app roles, conditional access policies, and token lifecycle management to meet organizational compliance standards.
Remember, MCP integration in Copilot Studio is still a preview feature, and the ecosystem evolves rapidly. Stay informed, revisit configurations periodically, and adapt to new best practices as they emerge. With a thoughtful implementation, you can unlock the full potential of MCP tools while maintaining robust security and user trust.