This repository aims to give a quick introduction in MCP Servers, and in this case we will look specifically at http hosted options.
The aim in this repository is to show how you easily can set up your own MCP Server, but also to highlight how the MCP servers interact with tools like GitHub Copilot and to "demystify" some of the magic that happens behind the scenes.
We are using express.js with typescript in these examples, but SDKs do exist for other languages as well.
There are multiple ways of hosting MCP Servers, you can run it as a node package, an Docker image, or, as we will discuss in this repo as a web server/API.
We set up the API and within that we will host the MCP Server itself. We create a POST endpoint, which clients will use to connect and communicate with the MCP server itself. This communication can be made stateful, but for simplicity we will not implement any stateful design. In the API we configure the MCP server; naming it, versioning it, and registrering tools, resources and promts.
The clients will use the same POST endpoint for establishing connection, listing the available tools, resources and prompts, and acting these out/performing these actions.
We can create/register three different types of entities in an MCP Server: Resources, Tools and Prompts. We can make them as simple or complex as we want, but in this getting started guide we will keep it simple.
In the folder docs we have a step by step guide for setting up the MCP server, adding resources, tools and prompts. Each section is independent of the others, so you can jump directly to the section you want to read about.
The sections are as follows:
While it is easy to create many tools that are very granular, it is often better to create tools that are more high level and that can perform a complete action. This is because the model then has less to figure out by itself, and the risk of it making mistakes is lower. In addition most models have a limit in the number of tools they can handle, so having fewer tools that are more high level is often a better approach.
When creating tools that can perform actions, it is important to consider the safety aspects. Make sure that the tools you create have the necessary checks and balances to prevent unintended actions. This could include confirmation steps, permission checks, and logging of actions performed.
For MCP clients to be able to automatically connect to a protected MCP server, the server needs to support OAuth2.1 with dynamic client registration. Official documentation
This can be a bit tricky to set up, especially as Entra ID and many other ID providers don't support dynamic client registration. Luckily many of the development tools (like Visual Studio Code) already have an App Registration that can be used for this purpose(Automatically).