Integrating with Software-Defined Brain Technology

Both the Agentic Access Layer and MCP Server Mesh use the same underlying MCP technology, but serve different integration scenarios:

• Agentic Access Layer (AAL): Connects specialized, user-facing agents to the Software-Defined Brain (SDB), the central Cortex LLM .
• MCP Server Mesh (MSM): Connects user-facing agents to tools and data sources.

Developing Your Own MCP Server

• You may use any MCP SDK that supports MCP Protocol version 2025-06-18.
• Ensure your MCP server can process the following HTTP headers on each request:
  • X-User-Id: The object ID of the user in your trust store.
  • X-User-Email: The full user email address in your trust store.
  This can also be used to implement custom authorization logic based on your trust store.

These headers are required for authentication and authorization.

Note: The following configuration is provided as an example using Entra ID.

X-User-Id: 12345678-90ab-cdef-1234-567890abcdef
X-User-Email: user@yourdomain.com

MCP Server Discovery

To enable SDB to discover all MCP servers, you must redeploy SDB with the necessary appsettings configuration for MCP servers. SDB will only discover MCP servers that are listed in its configuration.

Note: The following configuration is provided as an example using Entra ID.

appsettings.json Configuration

{
    "McpServers": [
        {
            "McpServer": {
                "Name": "YourMcpServer",
                "Endpoint": "https://yourmcpserver.azurewebsites.net/",
                "RedirectUri": "https://yourmcpserver.azurewebsites.net/signin-oidc",
                "AppId": "11111111-90ab-cdef-1234-567890abcdef",
                "AppIdUri": "api://11111111-90ab-cdef-1234-567890abcdef"
            }
        },
        {
            "McpServer": {
                "Name": "AnotherMcpServer",
                "Endpoint": "https://anothermcpserver.azurewebsites.net/",
                "RedirectUri": "https://anothermcpserver.azurewebsites.net/signin-oidc",
                "AppId": "22222222-90ab-cdef-1234-567890abcdef",
                "AppIdUri": "api://22222222-90ab-cdef-1234-567890abcdef"
            }
        }
    ]
}

• Name: Unique name for your MCP server.
• Endpoint: Base URL where your MCP server is accessible.
• RedirectUri: OIDC redirect URI for authentication.
• AppId: Application (client) ID registered in Entra ID (example).
• AppIdUri: Application URI for API access (example).

Authentication and Authorization

• Authentication: Use Entra ID (Azure Active Directory) to authenticate users (example).
• Authorization: The SDB validates the X-User-Id and X-User-Email headers against Entra ID (example).
• Ensure your MCP Server is registered as an application in your Entra ID tenant (example).