Generally Available: Model Context Protocol support in Azure API Management and Azure API Center

Generally Available: Model Context Protocol support in Azure API Management and Azure API Center

Announcing the public preview of Model Context Protocol (MCP) support in Azure API Management and Azure API Center. With this new capability, enterprises can transform their existing APIs into dynamic, agent-ready tools, while improving security and simplifying management.

Enhanced Security for MCP Servers:

• Apply gateway policies to protect MCP servers by enforcing authentication, authorization, rate limiting, and other security measures.

Transform Existing APIs into MCP Servers:

• Easily expose any APIM-managed API as an MCP server, transforming your existing APIs into dynamic, agent-ready tools with minimal effort.

Private MCP Registry for Enterprise Organizations:

• Use Azure API Center as a private remote MCP registry for your organization, giving you full control over what services are exposed.

Streamlined MCP Discovery and Consumption:

• Expose APIs as MCP servers in Azure API Center (APIC) for a better developer experience and smoother API consumption.

These features make it easier to secure, manage, and consume APIs in a way that supports advanced use cases like AI integrations, all while improving security and governance.

Public Preview: Managed Identity support in Network Watcher VNET flow log, traffic analytics and packet capture

VNET flow log captures IP traffic flowing through VNETs, subnets, and NICs for monitoring, troubleshooting, network optimization, security, and compliance needs and stores the logs in Azure Storage

Traffic Analytics leverages VNET flow logs and aggregates, processes and enriches the flows to analyze traffic flow and offers insights into network activity, visualization, security, and performance.

Network Watcher packet capture enables the capture of network packets directly from a virtual machine, helping users perform deep network analysis and diagnose issues.

Managed identities provided by Microsoft Entra ID enables VNET flow logs and traffic analytics to securely access Azure Blob Storage and log analytics workspace respectively without the need to manage credentials. For more information, see What is managed identities for Azure resources.

After you enable managed identity for Network Watcher VNET flow logs, traffic analytics, or packet capture by granting the managed identity necessary permissions will use the managed identity to obtain an access token from Microsoft Entra ID for accessing the specified resource.