rough draft

Author: gitName

articles/api-management/TOC.yml

@@ -236,7 +236,7 @@
   items:
   - name: AI gateway capabilities in API Management
     href: genai-gateway-capabilities.md
-  - name: Import LLM APIs
+  - name: Manage LLM APIs
     items:
     - name: Import Azure AI Foundry API
       href: azure-ai-foundry-api.md
@@ -247,13 +247,17 @@
     - name: Import Google Gemini API
       href: openai-compatible-google-gemini-api.md
     - name: Import Amazon Bedrock API
-      href: amazon-bedrock-passthrough-llm-api.md
-  - name: Expose REST API as MCP server
-    href: export-rest-mcp-server.md
-  - name: Semantic caching for Azure OpenAI API requests
-    href: azure-openai-enable-semantic-caching.md
-  - name: Authenticate and authorize to Azure OpenAI
-    href: api-management-authenticate-authorize-azure-openai.md
+      href: amazon-bedrock-passthrough-llm-api.
+    - name: Semantic caching for LLM API requests
+      href: azure-openai-enable-semantic-caching.md
+    - name: Authenticate and authorize to Azure OpenAI
+      href: api-management-authenticate-authorize-azure-openai.md
+  - name: Manage MCP servers
+    items:
+    - name: Expose REST API as MCP server
+      href: export-rest-mcp-server.md
+    - name: Connect and govern existing MCP server
+      href: connect-govern-existing-mcp-server.md
 - name: Manage APIs with policies
   items:
   - name: API Management policies overview

articles/api-management/connect-govern-existing-mcp-server.md

@@ -14,35 +14,42 @@ ms.custom:
 
 [!INCLUDE [api-management-availability-premium-standard-basic-premiumv2-standardv2-basicv2](../../includes/api-management-availability-premium-standard-basic-premiumv2-standardv2-basicv2.md)]
 
-Azure API Management now supports secure integration with external MCP-compatible servers — tool servers hosted outside of API Management — through its built-in [AI gateway](genai-gateway-capabilities.md). This capability adds to existing support for MCP servers [natively exposed in API Management](export-rest-mcp-server.md) from managed REST APIs. Wit this enhancement, organizations can apply consistent governance, security, and observability to all MCP tools, regardless of where they are hosted. 
+This article shows how Azure API Management supports secure integration with existing MCP-compatible servers — tool servers hosted outside of API Management — through its built-in [AI gateway](genai-gateway-capabilities.md). 
 
-This capability is essential for enterprises building AI agents and copilots that rely on tools distributed across cloud services, open-source runtimes, and internal platforms. With API Management, you can now centralize access, enforce policies, and monitor usage across your entire AI tool ecosystem.
+Example scenarios include:
 
-### Example scenarios
+- Proxy [LangServe](https://langchain-ai.github.io/langserve/) or [LangChain](https://python.langchain.com/) tool servers through API Management with per-tool authentication and rate limits.
+- Securely expose Azure Logic Apps–based tools to copilots using IP filtering and OAuth.
+- Centralize MCP tools from Azure Functions and open-source runtimes into [Azure API Center](../api-center/register-discover-mcp-server.md).
+- Enable GitHub Copilot, Claude by Anthropic, or ChatGPT to interact securely with tools across your enterprise.
 
-- Proxy LangServe or LangChain tool servers through API Management with per-tool authentication and rate limits.
-- Securely expose Logic App–based tools to copilots using IP filtering and OAuth.
-- Centralize tools from Azure Functions and open-source runtimes into Azure API Center.
-- Enable GitHub Copilot, Claude, or ChatGPT to interact securely with tools across your enterprise.
+API Management also supports MCP servers natively exposed in API Management from managed REST APIs. For more information, see [Expose a REST API as an MCP server](export-rest-mcp-server.md)
 
+With support for existing and exposed MCP servers, API Management provides centralized control over authentication, authorization, and monitoring. It simplifies the management of MCP servers while helping to mitigate common security risks and ensuring scalability.
 
 ## Prerequisites
 
-- An Azure API Management instance with the AI Gateway feature enabled.
++ If you don't already have an API Management instance, complete the following quickstart: [Create an Azure API Management instance](get-started-create-service-instance.md). Your API Management instance must be in one of the supported service tiers for preview: classic Basic, Standard, Premium, Basic v2, Standard v2, or Premium v2.
++ If your instance is in the classic Basic, Standard, or Premium tier, you must join the **AI Gateway Early** [update group](configure-service-update-settings.md) to access MCP server features. It can take up to 2 hours for the update to be applied.
 - Access to an external MCP-compatible server (for example, hosted in Azure Logic Apps, Azure Functions, LangServe, or other platforms).
 - Appropriate credentials to the MCP server (OAuth 2.0 client credentials or API keys) for secure access.
-
-
++ To test the MCP server, you can use Visual Studio Code with access to [GitHub Copilot](https://code.visualstudio.com/docs/copilot/setup).
 
 ## Connect an existing MCP Server
 
-1. Navigate to your Azure API Management instance in the Azure portal.
-2. In the left-hand menu, select **MCP servers** > **+ Create MCP server**.
-2. Choose **Connect existing MCP server**.
-3. Enter the following details:
+1. In the [Azure portal](https://portal.azure.com), navigate to your API Management instance.
+1. In the left-hand menu, select **MCP servers** > **+ Create MCP server**.
+1. Select **Connect existing MCP server**.
+1. Enter the following details for the backend MCP server:
    - **Base URL** of the external MCP server.
    - **Metadata endpoint** (if available).
    - **Tool schema** describing the server’s capabilities.
+1. Enter the following details for the frontend MCP server accessed through API Management:
+   - **Display name** for the MCP server in API Management.
+   - **Endpoint URL** where the MCP server will be accessible.
+
+[!INCLUDE [api-management-configure-test-mcp-server](../../includes/api-management-configure-test-mcp-server.md)]
+
 
 ## Configure access and security Policies
 
@@ -77,13 +84,3 @@ With this enhancement, Azure API Management becomes the unified governance layer
 
 By integrating with Azure API Center, all your AI tools become discoverable, auditable, and reusable — regardless of their hosting environment.
 
-## Related content
-
-* [Python sample: Secure remote MCP servers using Azure API Management (experimental)](https://github.com/Azure-Samples/remote-mcp-apim-functions-python)
-
-* [MCP client authorization lab](https://github.com/Azure-Samples/AI-Gateway/tree/main/labs/mcp-client-authorization)
-
-* [Use the Azure API Management extension for VS Code to import and manage APIs](visual-studio-code-tutorial.md)
-
-* [Register and discover remote MCP servers in Azure API Center](../api-center/register-discover-mcp-server.md)
-

articles/api-management/export-rest-mcp-server.md

@@ -17,14 +17,9 @@ ms.custom:
 
 In API Management, you can expose a REST API managed in API Management as a remote [Model Context Protocol (MCP)](https://www.anthropic.com/news/model-context-protocol) server. Expose one or more of the API operations as tools that MCP clients can call using the MCP protocol. 
 
-In addition to exposing your OpenAPI and HTTP endpoints as MCP servers, you can expose REST APIs managed in API Management such as the following:
+Azure API Management also supports secure integration with existing MCP-compatible servers — tool servers hosted outside of API Management - such as Azure logic apps or function apps, or tools hosted in LangServe or LangChain. See [Connect and govern existing MCP server](connect-govern-existing-mcp-server.md) for more information.
 
-* [Azure function app](import-function-app-as-api.md), for accessing serverless APIs
-* [Azure logic app](import-logic-app-as-api.md), for automating workflows
-* [Azure container app](container.md), for deploying containerized APIs
-
-
-Using API Management to expose remote MCP servers provides centralized control over authentication, authorization, and monitoring. It simplifies the process of exposing APIs as MCP servers while helping to mitigate common security risks and ensuring scalability.
+With support for existing and exposed MCP servers, API Management provides centralized control over authentication, authorization, and monitoring. It simplifies the management of MCP servers while helping to mitigate common security risks and ensuring scalability.
 
 > [!IMPORTANT]
 > This feature is currently in preview. Review the [prerequisites](#prerequisites) to access MCP server features.
@@ -41,9 +36,9 @@ In this article, you learn how to:
 
 + If you don't already have an API Management instance, complete the following quickstart: [Create an Azure API Management instance](get-started-create-service-instance.md). Your API Management instance must be in one of the supported service tiers for preview: classic Basic, Standard, Premium, Basic v2, Standard v2, or Premium v2.
 + If your instance is in the classic Basic, Standard, or Premium tier, you must join the **AI Gateway Early** [update group](configure-service-update-settings.md) to access MCP server features. It can take up to 2 hours for the update to be applied.
-+ Make sure that your instance manages a REST API that you'd like to expose as an MCP server. To import a sample API, see [Import and publish your first API](import-and-publish.md).
++ Make sure that your instance manages an HTTP-compatible API (any API imported as a REST API) that you'd like to expose as an MCP server. To import a sample API, see [Import and publish your first API](import-and-publish.md).
     > [!NOTE]
-    > Only HTTP APIs from API Management can be exposed as MCP servers.
+    > Only HTTP APIs managed in API Management can be exposed as MCP servers.
 + To test the MCP server, you can use Visual Studio Code with access to [GitHub Copilot](https://code.visualstudio.com/docs/copilot/setup).
 
 
@@ -62,83 +57,4 @@ The MCP server is created and the API operations are exposed as tools. The MCP s
 
 :::image type="content" source="media/export-rest-mcp-server/mcp-server-list.png" alt-text="Screenshot of the MCP server list in the portal.":::
 
-## Configure policies for the MCP server
-
-Configure one or more API Management [policies](api-management-howto-policies.md) to help manage the MCP server. The policies are applied to all API operations exposed as tools in the MCP server and can be used to control access, authentication, and other aspects of the tools.
-
-For a tutorial on how to configure policies, see [Transform and protect your API](transform-api.md).
-
-To configure policies for the MCP server:
-
-1. In the portal, under **APIs**, select **MCP Servers**.
-1. Select the MCP server you created.
-1. In the left menu, under **MCP**, select **Policies**.
-1. In the policy editor, add or edit the policies you want to apply to the MCP server's tools. The policies are defined in XML format. For example, you can add a policy to limit calls to the MCP server's tools (in this example, 5 calls per 30 second per client IP address).
-
-    ```xml
-	<rate-limit-by-key calls="5" renewal-period="30" counter-key="@(context.Request.IpAddress)" remaining-calls-variable-name="remainingCallsPerIP" />
-    ```
-
-    :::image type="content" source="media/export-rest-mcp-server/mcp-server-policies-small.png" alt-text="Screenshot of the policy editor for an MCP server." lightbox="media/export-rest-mcp-server/mcp-server-policies.png":::
-
-## Test and use the MCP server
-
-To verify that the MCP server is working, you can use Visual Studio Code to send requests to the MCP server tools.
-
-In Visual Studio Code, use GitHub Copilot chat in agent mode (preview) to add the MCP server and use the tools. For background about MCP servers in Visual Studio Code, see [Use MCP Servers in VS Code (Preview)](https://code.visualstudio.com/docs/copilot/chat/mcp-servers).
-
-> [!TIP]
-> If you use the [MCP Inspector](https://modelcontextprotocol.io/docs/tools/inspector) to test an MCP server created by API Management, we recommend using version 0.9.0.
-
-### Add the MCP server in Visual Studio Code
-
-To add the MCP server in Visual Studio Code:
-
-1. Use the **MCP: Add Server** command from the Command Palette. 
-
-1. When prompted, select the server type: **HTTP (HTTP or Server Sent Events)**.
-1. Enter the **URL of the MCP server** in API Management. Example: `https://<apim-service-name>.azure-api.net/<api-name>-mcp/sse` (for SSE endpoint) or `https://<apim-service-name>.azure-api.net/<api-name>-mcp/mcp` (for MCP endpoint)
-1. Enter a **server ID** of your choice.
-1. Select whether to save the configuration to your **workspace settings** or **user settings**. 
-    * **Workspace settings** - The server configuration is saved to a `.vscode/mcp.json` file only available in the current workspace.
-
-    * **User settings** - The server configuration is added to your global `settings.json` file and is available in all workspaces. The configuration looks similar to the following:
-
-    :::image type="content" source="media/export-rest-mcp-server/mcp-servers-visual-studio-code.png" alt-text="Screenshot of MCP servers configured in Visual Studio Code.":::
-        
-Add fields to the JSON configuration for settings such as authentication header. The following example shows the configuration for an API Management subscription key passed in a header as in input value. Learn more about the [configuration format](https://code.visualstudio.com/docs/copilot/chat/mcp-servers#_configuration-format)   
-
-:::image type="content" source="media/export-rest-mcp-server/mcp-server-with-header-visual-studio-code.png" alt-text="Screenshot of authentication header configuration for an MCP server":::
-
-### Use tools in agent mode
-
-After adding an MCP server, you can use tools in agent mode.
-
-1. In GitHub Copilot chat, select **Agent** mode and select the **Tools** button to see available tools.
-
-    :::image type="content" source="media/export-rest-mcp-server/tools-button-visual-studio-code.png" alt-text="Screenshot of Tools button in chat.":::
-
-1. Select one or more tools from the MCP server to be available in the chat.
-
-    :::image type="content" source="media/export-rest-mcp-server/select-tools-visual-studio-code.png" alt-text="Screenshot of selecting tools in Visual Studio Code.":::
-
-1. Enter a prompt in the chat to invoke the tool. For example, if you selected a tool to get information about an order, you can ask the agent about an order. 
-
-    ```copilot-prompt
-    Get information for order 2
-    ```
-
-    Select **Continue** to see the results. The agent uses the tool to call the MCP server and returns the results in the chat.
-    
-    :::image type="content" source="media/export-rest-mcp-server/chat-results-visual-studio-code.png" alt-text="Screenshot of chat results in Visual Studio Code.":::
-
-## Related content
-
-* [Python sample: Secure remote MCP servers using Azure API Management (experimental)](https://github.com/Azure-Samples/remote-mcp-apim-functions-python)
-
-* [MCP client authorization lab](https://github.com/Azure-Samples/AI-Gateway/tree/main/labs/mcp-client-authorization)
-
-* [Use the Azure API Management extension for VS Code to import and manage APIs](visual-studio-code-tutorial.md)
-
-* [Register and discover remote MCP servers in Azure API Center](../api-center/register-discover-mcp-server.md)
-
+[!INCLUDE [api-management-configure-test-mcp-server](../../includes/api-management-configure-test-mcp-server.md)]