A production-ready remote Model Context Protocol (MCP) server built with C# and ASP.NET Core, featuring OAuth 2.1 authentication with mandatory PKCE via Microsoft Azure AD and comprehensive MCP tools.
- π OAuth 2.1 Authentication: Full authorization server with Microsoft Azure AD integration and mandatory PKCE
- π Dynamic Client Registration: RFC 7591 compliant for MCP clients
- ποΈ WebAuthn Biometric Support: Face ID, Touch ID, and security key authentication
- π Stateless Operation: Works with stateless MCP clients using memory cache
- 16 Tools across 4 categories (Math, Utility, Data, Reflection)
- π Self-Documenting with 5 powerful reflection tools
- π Network Ready - accepts connections from any IP with proper security
- β‘ Production Grade - built with ASP.NET Core and enterprise patterns
- π Universal MCP Client Support - works with Claude Code, Cursor, VS Code
- π οΈ Professional UI - Bootstrap-styled authentication and registration pages
Add- Adds two numbers togetherSubtract- Subtracts the second number from the firstMultiply- Multiplies two numbers togetherDivide- Divides the first number by the second (with zero-division protection)
Echo- Echoes input messages back to the clientGetCurrentTime- Returns current server time in UTCGenerateRandomNumber- Generates random numbers with configurable range
FormatJson- Converts JSON strings to formatted, indented JSONToUpperCase- Converts text to uppercaseToLowerCase- Converts text to lowercaseReverseText- Reverses input text
ListAllTools- Complete inventory of all available tools with metadataGetToolInfo- Detailed analysis of specific tools including parametersListToolsByCategory- Filter tools by category (Math, Utility, Data, Reflection)SearchTools- Intelligent keyword search across tool names and descriptionsGetServerMetadata- Server introspection including .NET version and capabilities
- .NET 9.0 SDK
- Node.js (for mcp-remote proxy)
- Claude Code
-
Clone the repository
git clone https://github.com/yourusername/remote-mcp.git cd remote-mcp -
Restore packages
dotnet restore
-
Build the project
dotnet build
-
Run the server
dotnet run
The server will start on
http://0.0.0.0:3001with enterprise authentication enabled.
-
Register an Azure AD Application:
- Go to Azure Portal > Azure Active Directory > App registrations
- Create new registration
- Add redirect URI:
http://localhost:3001/oauth/callback - Create a client secret and save it
-
Configure appsettings.json:
cp appsettings.json.example appsettings.json
Edit with your Azure AD credentials:
{ "Authentication": { "Mode": "AuthorizationServer", "OAuth": { "Issuer": "http://localhost:3001" }, "ExternalIdP": { "Provider": "AzureAD", "ClientSecret": "YOUR_AZURE_AD_CLIENT_SECRET", "AzureAD": { "TenantId": "YOUR_TENANT_ID", "ClientId": "YOUR_CLIENT_ID", "Authority": "https://login.microsoftonline.com/YOUR_TENANT_ID" } } } }
Set Mode to "Disabled" in appsettings.json to bypass authentication
See INTEGRATOR_GUIDE.md for detailed enterprise configuration options.
The server implements a complete OAuth 2.1 authorization server with mandatory PKCE:
- Dynamic Client Registration: MCP clients register dynamically (RFC 7591)
- Microsoft Authentication: Users authenticate with their Microsoft account
- Token Issuance: Server issues its own JWT tokens after successful auth
- Stateless Operation: Uses memory cache for MCP clients that don't maintain cookies
/.well-known/oauth-authorization-server- OAuth metadata/.well-known/oauth-protected-resource- Resource metadata
/register- Dynamic client registration/authorize- Authorization endpoint/oauth/callback- Microsoft callback handler/token- Token exchange endpoint
Health Check:
curl http://localhost:3001/health
# Expected: {"status":"healthy","timestamp":"2025-XX-XX..."}Server Info:
curl http://localhost:3001/info
# Returns server metadata and available endpointsMCP Protocol Test:
curl http://localhost:3001/
# Expected: MCP protocol error (this confirms MCP is active)- Install Claude Desktop
- Use the
/mcpcommand - Enter server URL:
http://localhost:3001 - Complete Microsoft authentication when prompted
- MCP tools are now available
Add to MCP settings:
Add to your Claude Code MCP configuration:
{
"mcpServers": {
"remote-math-server": {
"command": "npx",
"args": ["mcp-remote", "http://localhost:3001/"],
"description": "Remote MCP server with math, utility, data, and reflection tools"
}
}
}claude mcp list
# Should show: remote-math-server: npx mcp-remote http://localhost:3001/ - β ConnectedTry these commands in Claude Code:
Complete Tool Discovery:
"List all available tools"
Tool Analysis:
"Show me detailed information about the divide tool"
Category Filtering:
"What tools are in the Math category?"
Intelligent Search:
"Search for tools related to text processing"
System Information:
"What's the server metadata?"
- Transport Layer: Streamable HTTP with CORS support
- Tool Discovery: Attribute-based auto-registration using
[McpServerToolType]and[McpServerTool] - Reflection System: .NET reflection APIs for runtime introspection
- Error Handling: Comprehensive validation and graceful error responses
- Security: Scoped assembly reflection with attribute-based filtering
Tool Implementation:
[McpServerToolType]
public static class YourTools
{
[McpServerTool, Description("What your tool does")]
public static ReturnType YourMethod(
[Description("Parameter description")] ParameterType param)
{
// Implementation with proper error handling
return result;
}
}Reflection Safety:
// β
Safe: Scoped to current assembly only
Assembly.GetExecutingAssembly()
// β
Safe: Attribute-based filtering
.Where(t => t.GetCustomAttribute<McpServerToolTypeAttribute>() != null)
// β
Safe: JSON-serializable responses
return new { found = true, data = structuredObject };The server binds to 0.0.0.0:3001 for network access. Configure your firewall to allow port 3001:
# macOS/Linux - allow port 3001
sudo ufw allow 3001
# Find your server's IP for remote connections
hostname -IFROM mcr.microsoft.com/dotnet/aspnet:9.0
WORKDIR /app
COPY bin/Release/net9.0/publish/ .
EXPOSE 3001
ENTRYPOINT ["dotnet", "remote-mcp.dll"]# Production settings
export ASPNETCORE_ENVIRONMENT=Production
export ASPNETCORE_URLS=http://0.0.0.0:3001remote-mcp/
βββ Program.cs # Server configuration and startup
βββ Tools/ # SOLID-compliant tool organization
β βββ MathTools.cs # Math operations (Add, Subtract, Multiply, Divide)
β βββ UtilityTools.cs # Utility functions (Echo, Time, Random)
β βββ DataTools.cs # Data manipulation (JSON, Case, Reverse)
β βββ ReflectionTools.cs # Introspection tools (5 reflection capabilities)
βββ remote-mcp.csproj # Project configuration
βββ .mcp.json # MCP client integration
βββ CLAUDE.md # Development guide
βββ LICENSE # MIT License
βββ README.md # This file
- Single Responsibility: Each tool class has one focused purpose
- Open/Closed: Add new tool categories without modifying existing code
- Clean Separation: Server configuration separate from business logic
- Maintainable: Easy to locate, test, and extend specific tool categories
- Create a new tool file in the
Tools/directory:
// Tools/MyCustomTools.cs
using ModelContextProtocol.Server;
using System.ComponentModel;
[McpServerToolType]
public static class MyCustomTools
{
[McpServerTool, Description("Description of what your tool does")]
public static string MyTool([Description("Parameter description")] string input)
{
// Your logic here
return $"Processed: {input}";
}
}- Automatic Discovery: The tool will be automatically discovered via assembly scanning
- Verification: Use the reflection tools (
ListAllTools()) to verify registration - Organization: Follow the established patterns in existing tool files
- Health endpoint:
http://localhost:3001/health - Server info:
http://localhost:3001/info - MCP Inspector:
npx @modelcontextprotocol/inspector@latest http://localhost:3001/ - Reflection tools: Use
ListAllTools()to verify your tools are registered
- CLAUDE.md - Development commands and architecture
- INTEGRATOR_GUIDE.md - Configuration, deployment, and customization guide
- Medium Article Series - Step-by-step implementation guide
- Scoped reflection to executing assembly only
- Attribute-based filtering prevents unintended exposure
- No dynamic code execution
- Comprehensive input validation
- CORS configured for development (restrict for production)
- Add authentication middleware
- Implement rate limiting
- Use HTTPS in production
- Restrict CORS origins
- Configure firewall rules
- Monitor for abuse
- Fork the repository
- Create a feature branch (
git checkout -b feature/amazing-feature) - Commit your changes (
git commit -m 'Add some amazing feature') - Push to the branch (
git push origin feature/amazing-feature) - Open a Pull Request
- Follow the established MCP architectural patterns
- Add comprehensive descriptions to all tools
- Include proper error handling
- Update documentation for new features
- Test with reflection tools to verify integration
This project is licensed under the MIT License - see the LICENSE file for details.
- Built with ModelContextProtocol.AspNetCore
- Inspired by Anthropic's MCP specification
- 16 Tools across 4 categories
- 5 Reflection Tools for self-documentation
- Production Ready with ASP.NET Core
- Network Enabled for distributed access
- Comprehensive Testing with health checks and MCP Inspector support
