Enable HTTP support across all trimmed azmcp distributions and update Docker to use trimmed azmcp

[anuchandy]

What does this PR do?

This change enables:

1. HTTP transport (and thereby OBO authentication - remote) for all trimmed distributions we currently support (npm, NuGet, VSIX, etc.)
2. Trimmed support for Docker

To enable this, we took a dependency on a pre-release version of Microsoft.Identity.Web

[Any additional context, screenshots, or information that helps reviewers]

I’ve kept the existing enable_http directive (in code) and Docker platform (in build_info) separation in place rather than aggressively refactoring/removing them out. This preserves our ability to roll back to the previous form (trimmed non-http for non-docker distributions and untrimmed Docker) if needed during pre-release time. I’m planning to make those cleanup changes as we get closer to IDWeb GA, when the surface is more stable.

GitHub issue number?

[Link to the GitHub issue this PR addresses]

Pre-merge Checklist

• Required for All PRs
  • Read contribution guidelines
  • PR title clearly describes the change
  • Commit history is clean with descriptive messages (cleanup guide)
  • Added comprehensive tests for new/modified functionality
  • Updated servers/Azure.Mcp.Server/CHANGELOG.md and/or servers/Fabric.Mcp.Server/CHANGELOG.md for product changes (features, bug fixes, UI/UX, updated dependencies)
• For MCP tool changes:
  • One tool per PR: This PR adds or modifies only one MCP tool for faster review cycles
  • Updated servers/Azure.Mcp.Server/README.md and/or servers/Fabric.Mcp.Server/README.md documentation
  • Validate README.md changes using script at eng/scripts/Process-PackageReadMe.ps1. See Package README
  • Updated command list in /servers/Azure.Mcp.Server/docs/azmcp-commands.md and/or /docs/fabric-commands.md
  • Run .\eng\scripts\Update-AzCommandsMetadata.ps1 to update tool metadata in azmcp-commands.md (required for CI)
  • For new or modified tool descriptions, ran ToolDescriptionEvaluator and obtained a score of 0.4 or more and a top 3 ranking for all related test prompts
  • For tools with new names, including new tools or renamed tools, update consolidated-tools.json
  • For new tools associated with Azure services or publicly available tools/APIs/products, add URL to documentation in the PR description
• Extra steps for Azure MCP Server tool changes:
  • Updated test prompts in /servers/Azure.Mcp.Server/docs/e2eTestPrompts.md
  • 👉 For Community (non-Microsoft team member) PRs:
    • Security review: Reviewed code for security vulnerabilities, malicious code, or suspicious activities before running tests (crypto mining, spam, data exfiltration, etc.)
    • Manual tests run: added comment /azp run mcp - pullrequest - live to run Live Test Pipeline

[Copilot]

Pull request overview

This PR enables HTTP support for trimmed azmcp distributions across all platforms (npm, NuGet, VSIX, Docker) by upgrading to Microsoft.Identity.Web 4.4.0-preview.1, which includes AOT-safe HTTP support. Previously, only Docker builds were untrimmed to enable HTTP support, while other distributions used trimmed builds without HTTP. The changes also update Docker to use trimmed builds for both x64 and arm64 architectures.

Changes:

• Upgraded Microsoft.Identity.Web to 4.4.0-preview.1 (prerelease) and Microsoft.Identity.Abstractions to 11.0.0 for AOT-compatible HTTP support
• Modified authentication setup to use AddMicrosoftIdentityWebApiAot instead of AddMicrosoftIdentityWebApi
• Enabled ENABLE_HTTP directive for all build configurations (previously excluded for trimmed/native builds)
• Switched Docker platform definitions to use trimmed builds
• Added musl-arm64 architecture support to Docker builds

Reviewed changes

Copilot reviewed 6 out of 6 changed files in this pull request and generated 2 comments.

Show a summary per file

File	Description
eng/scripts/New-BuildInfo.ps1	Updated Docker platform definitions to use trimmed builds instead of untrimmed; added comprehensive comments explaining the rollback safety net
eng/scripts/Build-Docker.ps1	Added musl-arm64 architecture mapping to support ARM64 Docker images
Directory.Packages.props	Upgraded Microsoft.Identity.Web packages to 4.4.0-preview.1 and Microsoft.Identity.Abstractions to 11.0.0
Directory.Build.props	Enabled ENABLE_HTTP directive for all builds (removed condition restricting it from trimmed/native builds) with updated comments
core/Microsoft.Mcp.Core/src/Services/Azure/Authentication/AuthenticationServiceCollectionExtensions.cs	Changed AddHttpOnBehalfOfTokenCredentialProvider to accept AuthenticationBuilder and use AddTokenAcquisition() directly instead of EnableTokenAcquisitionToCallDownstreamApi()
core/Microsoft.Mcp.Core/src/Areas/Server/Commands/ServiceStartCommand.cs	Migrated from AddMicrosoftIdentityWebApi to AddMicrosoftIdentityWebApiAot and changed to use MicrosoftIdentityApplicationOptions instead of MicrosoftIdentityOptions

[joshfree]

The code is good - but you're missing the CHANGELOG.md which is used for the release notes and monday minutes updates