Skip to content

Commit 6fe1464

Browse files
ggailey777ggailey777
committed
Clarify description of Microsoft Entra authentication method in MCP server connection documentation
1 parent 6f3a6f3 commit 6fe1464

1 file changed

Lines changed: 1 addition & 1 deletion

File tree

articles/azure-functions/functions-mcp-foundry-tools.md

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -41,7 +41,7 @@ This table summarizes the currently supported options for authenticating your ag
4141
| Method | Description | Use case | Additional setup | Functions supportS |
4242
| ------ | ----------- | -------- | ---------------- | ------------------- |
4343
| **Key-based**<sup>*</sup> | Agent authenticates by passing a shared [function access key](./function-keys-how-to.md) in the request header. | During development or when the MCP server doesn't require Microsoft Entra authentication. | None | Yes |
44-
| **Microsoft Entra** | Agent authenticates using either its own identity (*agent identity*) or the shared identity of the Foundry project (*project managed identity*). | Production-level security where users or agents share the same identity and permissions. | [Disable key-based authentication](functions-mcp-tutorial.md?tabs=mcp-extension#disable-key-based-authentication) and [configure built-in server authorization and authentication](functions-mcp-tutorial.md?tabs=mcp-extension#enable-built-in-server-authorization-and-authentication). | Project managed identity |
44+
| **Microsoft Entra** | Agent authenticates using either its own identity (*agent identity*) or the shared identity of the Foundry project (*project managed identity*). | Production-level security where users or agents share the same identity and permissions. | [Disable key-based authentication](functions-mcp-tutorial.md?tabs=mcp-extension#disable-key-based-authentication) and [configure built-in server authorization and authentication](functions-mcp-tutorial.md?tabs=mcp-extension#enable-built-in-server-authorization-and-authentication). | Project managed (shared) identity |
4545
| **OAuth identity passthrough** | Agent prompts users to sign in and authorize access, using the provided token to authenticate. | Production when each user must authenticate with their own identity and user context must be persisted. | Not yet determined | No |
4646
| **Unauthenticated access** | Agent makes unauthenticated calls. | During development or when your MCP server accesses only public information. | [Disable key-based authentication](functions-mcp-tutorial.md?tabs=mcp-extension#disable-key-based-authentication). | Yes |
4747

0 commit comments

Comments
 (0)