Skip to main content

Entra ID Auth for Claude MCP Servers with Datawiza Gateway

About 9 min

Enable Microsoft Entra ID Authentication for Claude MCP Servers

Overview

This tutorial shows how to add Microsoft Entra ID (formerly Azure AD) authentication to an existing MCP server using Datawiza Agent Gateway — without modifying the server itself.

Datawiza Agent Gateway sits in front of your MCP server, handles the Microsoft Entra ID login flow, validates the user, enforces access policy, and forwards only authenticated MCP traffic to the backend. Your MCP server stays focused on its tools and never needs to implement enterprise OAuth.

Architecture

Architecture diagram — Datawiza Agent Gateway between Claude and the internal MCP server

MCP over HTTP supports authorization at the transport layer. Protected MCP servers can require OAuth-style bearer tokens before granting access to tools. Since authorization is optional in the MCP spec, many internal servers skip it entirely — which is exactly where a gateway pattern adds value.

What You Will Build

By the end of this tutorial you will have a Datawiza-protected public endpoint sitting in front of your existing internal MCP server:

https://crm-mcp.company.com/mcp     ← protected endpoint Claude connects to
http://internal-crm-mcp:3000/mcp    ← your existing MCP server (stays internal)

Claude connects only to the protected endpoint. The internal MCP server is unreachable from outside your network.

The examples throughout this tutorial use a sample internal CRM server as the backend. This is illustrative — you will substitute your own MCP server. The sample server exposes three tools:

ToolDescription
get_customer_profileRetrieve a customer's profile by ID
list_customer_ordersList recent orders for a customer
create_support_ticketOpen a support ticket on behalf of a customer

Why This Pattern Matters

Many MCP servers are easy to build but do not include enterprise-grade authentication. This is risky when tools expose CRM records, orders, tickets, finance data, or internal APIs.

With Datawiza Agent Gateway, responsibilities stay separate:

  • MCP server developers build business tools.
  • Identity teams manage authentication and access policy.
  • Claude users authenticate with Microsoft Entra ID before any tool is available.

Prerequisites

  • A Microsoft Entra ID tenant
  • Permission to create Entra app registrations (this tutorial registers two: a resource app and a client app)
  • A Datawiza Agent Gateway Console (DAGC)open in new window account
  • A Linux host reachable from the internet on port 443 to run the gateway container
  • Docker and Docker Compose installed on the gateway host (the setup script in Step 2.5 can install these for you)
  • A public hostname for the protected MCP endpoint
  • An existing MCP server accessible on your internal network
  • Claude Code or Claude.ai with support for remote MCP servers

Step 1: Register Apps in Microsoft Entra ID

MCP authorization needs two separate app registrations:

  • A resource app that represents the protected MCP server itself — it exposes the API and the scope Claude requests.
  • A client app that represents Claude — it's what a user actually signs into, and it holds the redirect URIs and requests the resource app's scope on the user's behalf.

Keeping them separate is standard OAuth practice: the resource app is never involved in a browser redirect, and the client app never defines API scopes.

1.1 Register the Resource App

  1. In the Azure portalopen in new window, go to Microsoft Entra ID > App registrations.

  2. Click New registration and fill in:

    FieldValue
    NameDatawiza CRM MCP Gateway
    Supported account typesSingle tenant
    Redirect URILeave blank — this app never signs in a user directly

    Microsoft Entra ID — New registration form

  3. Configure the Application ID URI to match the protected MCP endpoint. The client requests the MCP server's URL as the resource, and Entra ID rejects the request with AADSTS9010010 if that resource doesn't match the scope it's paired with — and a scope is only ever valid for the resource identified by its Application ID URI. So the Application ID URI cannot stay as the default api://<client-id>; it must equal your protected endpoint:

    1. Go to Expose an API.
    2. Next to Application ID URI, click Add, clear the default value, and enter your protected MCP endpoint instead, e.g. https://crm-mcp.company.com/mcp.
    3. Click Save. Microsoft Entra ID — Expose an API page showing the Application ID URI set to the protected MCP endpoint

    Verified custom domain required

    A custom https:// Application ID URI must be under a domain verified for your Entra tenant (Entra ID > Custom domain names). If crm-mcp.company.com isn't verified yet, add and verify it first — Entra rejects unverified domains.

  4. Add a delegated scope so Claude can request access on behalf of the signed-in user. A custom Application ID URI has no scopes by default, and the authorization code flow needs one to issue a token with the right audience:

    1. Still on Expose an API, click Add a scope.

    2. Fill in:

      FieldValue
      Scope nameaccess
      Who can consentAdmins and users
      Admin consent display nameAccess CRM MCP Gateway
      Admin consent descriptionAllows Claude to access the CRM MCP Gateway on behalf of the signed-in user.
      StateEnabled
    3. Click Add scope.

    This creates the scope https://crm-mcp.company.com/mcp/access. Microsoft Entra ID — Expose an API page showing the access delegated scope

1.2 Register the Client App

This is the app Claude actually signs users into.

  1. Click New registration again and fill in:

    FieldValue
    NameClaude CRM MCP Client
    Supported account typesSingle tenant
    Redirect URI — PlatformMobile and desktop applications
    Redirect URI — URIhttps://claude.ai/api/mcp/auth_callback

    Claude Code uses a different callback URL than Claude.ai — a localhost address, since the OAuth flow completes on the machine running the CLI. If you also want to support Claude Code, add a second redirect URI under the same platform:

    1. Go to Authentication, and under the Mobile and desktop applications platform you just configured, click Add URI.
    2. Add http://localhost:8080/callback.

    You can pick any available port; just use the same port when adding the server in Step 3.

  2. After the app is created, copy these values — you will need them in Steps 2 and 3:

    ValueWhere to find it
    Tenant IDOverview page
    Client IDOverview page

    Microsoft Entra ID — Overview page showing Tenant ID and Client ID

  3. Grant this client app permission to request the resource app's scope:

    1. Go to API permissions > Add a permission > My APIs.
    2. Select the resource app (Datawiza CRM MCP Gateway) from Step 1.1.
    3. Choose Delegated permissions, check access, then click Add permissions.
    4. Click Grant admin consent for <tenant> so users aren't individually prompted to consent, if your organization's policy allows it.

Step 2: Configure Datawiza Agent Gateway

2.1 Sign in and click Getting Started

Log into Datawiza Agent Gateway Console (DAGC)open in new window and click the Getting Started button on the home page.

Datawiza Agent Gateway Console home page with Getting Started button

2.2 Name your Deployment

The Getting Started wizard opens at Step 1 of 4 — Deployment Name.

  1. Enter a Name for the deployment (e.g., CRM MCP Gateway).
  2. Click Next.

Getting Started wizard Step 1 — enter a deployment name

2.3 Add a Service

Step 2 of 4 — Service defines the public-facing MCP endpoint that Claude connects to.

FieldValue
NameCRM MCP Service
Base (Load Balancer) URLYour public gateway URL, e.g. https://crm-mcp.company.com
SSLEnable — check Enable SSL and use datawiza self-signed certificate
Listen Port443
Authentication MethodEntra ID Access Token
Issuerhttps://login.microsoftonline.com/<tenant-id>/v2.0
Audiencehttps://crm-mcp.company.com/mcp (the resource app's Application ID URI from Step 1.1)

Click Next.

Self-signed certificate

The Datawiza self-signed certificate is the fastest way to get started, but Claude Desktop and some tools will reject it. For production, replace it with a certificate from a trusted CA.

Getting Started wizard Step 2 — add a service with Entra ID Access Token authentication

2.4 Add a Backend

Step 3 of 4 — Backend points the gateway at your existing internal MCP server.

FieldValue
NameInternal CRM MCP
TypeMCP
Backend Servershttp://internal-crm-mcp:3000
Auth typeNo Auth

Click Create.

Getting Started wizard Step 3 — configure the internal MCP server as the backend

2.5 Deploy the Gateway

Step 4 of 4 — Deploy shows your provisioning credentials and the startup commands.

  1. Note the Provisioning Key and Provisioning Secret shown at the top.

  2. Run the two commands on your gateway host:

    # Install Docker and pull the Datawiza Agent Gateway image
    curl https://datawiza.s3.us-west-2.amazonaws.com/datawiza-dag-env-prep.sh | sh
    
    # Start Datawiza Agent Gateway
    curl -s https://datawiza.s3.us-west-2.amazonaws.com/datawiza-dag-docker-compose-prep.sh \
      | bash -s -- -k <PROVISIONING_KEY> -s <PROVISIONING_SECRET> -p 443 \
      && sudo docker compose up -d
    
  3. Click Done.

Getting Started wizard Step 4 — provisioning keys and deploy commands

The gateway pulls its full configuration from DAGC automatically.

Step 3: Add the Protected MCP Endpoint to Claude

Claude Code

Claude Code completes the OAuth flow locally, so it redirects to http://localhost:<port>/callback instead of the claude.ai callback used by Claude.ai. By default it picks a random available port, which will not match the redirect URI you registered on the client app in Step 1.2 — pin the port with --callback-port so it matches.

Entra ID also does not support OAuth dynamic client registration, so Claude Code needs the client app's Client ID you copied in Step 1.2 up front via --client-id. No client secret is needed — the app is a public client using authorization code + PKCE, so omit --client-secret:

claude mcp add --transport http \
  --client-id <CLIENT_ID> --callback-port 8080 \
  internal-crm https://crm-mcp.company.com/mcp

This registers the server with the fixed callback port and client ID. Editing the MCP configuration file directly does not let you set these, so use the claude mcp add command above rather than adding the entry by hand.

Claude.ai

Organization admins can add the protected endpoint from Settings > Connectors:

  1. Go to Settings > Connectors and click Add connector.

  2. Enter the protected server URL (e.g., https://crm-mcp.company.com/mcp).

  3. Entra ID doesn't support OAuth dynamic client registration, so expand Advanced settings and enter the client app's Client ID from Step 1.2. Leave Client Secret blank — the app is a public client using authorization code + PKCE.

  4. Click Save.

    Claude.ai — adding the remote MCP server in Settings > Connectors

Users will be prompted to complete the Entra ID login when they first use the server.

Step 4: Verify Unauthenticated Access Is Blocked

Before testing with Claude, confirm the gateway is rejecting unauthenticated requests:

curl -ik https://crm-mcp.company.com/mcp

Expected response:

HTTP/1.1 401 Unauthorized

This confirms that Datawiza is intercepting traffic and no unauthenticated request can reach the backend MCP server.

Step 5: Sign In with Microsoft Entra ID

When Claude first connects to the protected endpoint, it detects that authentication is required and initiates the Entra ID sign-in flow. Claude handles the OAuth redirect; Datawiza validates the resulting access token on every request.

  1. Claude displays a browser prompt asking you to authenticate.

    Claude prompting the user to sign in before MCP tools are available

  2. Your browser opens the Microsoft Entra ID login page. Sign in with your enterprise account.

    Microsoft Entra ID login page

  3. After a successful sign-in, Entra ID redirects back to Claude. Claude stores the access token and attaches it as a bearer token to each MCP request. Datawiza validates the token — checking the issuer and the MCP endpoint audience — before forwarding the request to the backend.

  4. Claude confirms the MCP server is connected and tools are available.

    Claude showing the MCP server as connected after sign-in

Once signed in, Claude can call MCP tools for the duration of the session. An expired or missing token returns 401 Unauthorized and triggers a new login prompt.

Step 6: Call MCP Tools from Claude

With the MCP server connected, test each tool to confirm end-to-end authentication is working.

Get a customer profile

In Claude, type:

Use the Internal CRM MCP server to get the profile for customer c001.

Claude calls get_customer_profile and shows the result:

Claude calling get_customer_profile and displaying the result

List customer orders

In Claude, type:

List recent orders for c001.

Claude calls list_customer_orders and displays the order history:

Claude calling list_customer_orders and displaying the result

Create a support ticket

In Claude, type:

Create a support ticket for c001 saying the customer needs help with SSO configuration.

Claude calls create_support_ticket and confirms the ticket was created:

Claude calling create_support_ticket and confirming creation

Step 7: Verify Datawiza Logs and Audit Records

In DAGC, open the logs for your deployment and confirm the following events appear:

  • User login event with the authenticated user's email
  • Microsoft Entra ID authentication success
  • Request allowed or denied based on policy
  • Request forwarded to the backend MCP server
  • MCP tool call recorded with user context

This confirms that Datawiza is acting as the authentication, identity, and policy enforcement layer for all Claude-to-MCP traffic.

Summary

Your MCP server stays simple — it exposes tools for Claude without implementing enterprise OAuth. Datawiza Agent Gateway becomes the front door: it handles Microsoft Entra ID login, validates tokens, enforces access policy, and forwards only authenticated traffic to the backend.

This separation of concerns means MCP server developers can focus on building useful tools, while identity and access control remain owned by the teams responsible for them. The same pattern applies to any internal MCP server — CRM, HR, finance, ticketing, or internal APIs — without changing a line of server code.

Claude users get a seamless experience: they authenticate once with their enterprise Entra ID credentials, and all MCP tools become available for the session. Unauthenticated or unauthorized requests never reach the backend.