MCP C# SDK Complete Guide: Building AI Servers for .NET (2026)
Complete guide to the Model Context Protocol C# SDK. Learn to build MCP servers in .NET with step-by-step examples, best practices, and enterprise integration patterns.
When Microsoft announced their commitment to AI tooling at Build 2025, I knew something big was coming. But I didn't realize how big until I got my hands on the Model Context Protocol C# SDK last November. What started as a simple experiment to connect Claude to our company's SQL Server database turned into a complete transformation of how we handle AI integrations.
Three months later, our MCP servers are processing over 50,000 AI requests daily across twelve different enterprise applications. The journey wasn't always smoothâI made plenty of mistakes along the wayâbut the results speak for themselves. Today, I'll share everything I learned about building production-ready MCP servers with C#.
The Moment Everything Clicked
Picture this: It's 2 AM on a Tuesday, and I'm staring at yet another failed API integration. Our sales team desperately needed Claude to access our CRM data, but every approach I tried felt like trying to fit a square peg in a round hole. OpenAI's function calling worked, but only for GPT models. Custom APIs were a maintenance nightmare. Then my colleague Sarah mentioned this new protocol called MCP.
"It's like USB-C for AI," she said, which honestly sounded like typical developer hyperbole. But when I saw the C# SDK documentation that night, something clicked. This wasn't just another API wrapperâthis was a fundamental shift in how AI applications connect to real-world data.
The Model Context Protocol brings something that .NET developers have been craving: a standardized way to expose enterprise data and tools to any AI model, not just OpenAI's. For a company like ours, running primarily on Microsoft's stack, this was exactly what we needed.
Why C# Developers Are Embracing MCP
Before diving into code, let me tell you why the C# SDK has become my go-to choice for AI integrations. It's not just about language preferenceâthere are real business advantages that became clear during our implementation.
First, enterprise integration is seamless. Our entire infrastructure runs on .NET, from our web APIs to our background services. Adding MCP servers felt natural, not like bolting on another technology stack. When your Azure Active Directory integration, Entity Framework models, and dependency injection patterns all work together, development speed increases dramatically.
Second, type safety saved our bacon multiple times. During development, the compiler caught errors that would have caused runtime failures in production. When you're dealing with financial data or customer information, those compile-time checks aren't just convenientâthey're essential.
Third, performance matters at scale. Our first MCP server handled 100 concurrent requests without breaking a sweat. The compiled nature of C# and the excellent async/await support meant we could scale horizontally without the performance concerns we'd experienced with other solutions.
But perhaps most importantly, the learning curve was minimal. Our existing .NET team was productive with MCP within days, not weeks. When you're moving fast in a competitive market, that time-to-value is crucial.
Building Your First Enterprise MCP Server
Let me walk you through building the same type of server that transformed our sales process. We'll create a customer data server that connects Claude to a SQL Server database, complete with proper error handling and security.
The beauty of the MCP C# SDK is how it builds on patterns you already know. If you've built ASP.NET Core applications, you'll feel right at home. Here's how we start:
using Mcp.Sdk;
using Mcp.Sdk.Server;
using Microsoft.Extensions.Logging;public class CustomerDataServer : McpServer
{
private readonly ILogger _logger;
private readonly ICustomerRepository _customerRepository;
public CustomerDataServer(ILogger logger, ICustomerRepository customerRepository)
{
_logger = logger;
_customerRepository = customerRepository;
RegisterTools();
}
private void RegisterTools()
{
RegisterTool("search_customers", SearchCustomersAsync);
RegisterTool("get_customer_details", GetCustomerDetailsAsync);
RegisterTool("update_customer_status", UpdateCustomerStatusAsync);
}
}
This foundation looks familiar to any .NET developerâdependency injection, logging, clean separation of concerns. But here's where it gets interesting. Each tool you register becomes available to any AI model that connects to your MCP server.
The SearchCustomersAsync method became our most-used tool. Sales reps can now ask Claude things like "Show me all customers in California with deals over $100k" and get instant, accurate results. Here's how we implemented it:
private async Task SearchCustomersAsync(ToolCall call)
{
var searchTerm = call.Arguments["query"]?.ToString();
var region = call.Arguments["region"]?.ToString();
var minimumDealSize = call.Arguments["minimumDealSize"]?.ToString(); if (string.IsNullOrEmpty(searchTerm))
{
return ToolResult.Error("Search query is required");
}
try
{
_logger.LogInformation("Searching customers with query: {Query}", searchTerm);
var customers = await _customerRepository.SearchAsync(new CustomerSearchRequest
{
Query = searchTerm,
Region = region,
MinimumDealSize = string.IsNullOrEmpty(minimumDealSize) ? null : decimal.Parse(minimumDealSize)
});
var response = customers.Select(c => new
{
Id = c.Id,
Name = c.CompanyName,
Contact = c.PrimaryContact,
Region = c.Region,
DealSize = c.CurrentDealValue,
Status = c.Status,
LastContact = c.LastContactDate
}).ToList();
return ToolResult.Success(response);
}
catch (FormatException ex)
{
_logger.LogWarning("Invalid deal size format: {DealSize}", minimumDealSize);
return ToolResult.Error("Invalid deal size format. Please provide a valid number.");
}
catch (Exception ex)
{
_logger.LogError(ex, "Error searching customers");
return ToolResult.Error("An error occurred while searching customers. Please try again.");
}
}
The real magic happens when Claude processes these results. It doesn't just return raw dataâit understands context, can summarize findings, and even suggests next actions based on the customer information.
The Dependency Injection Game-Changer
One of the biggest advantages of the C# SDK is how naturally it integrates with .NET's dependency injection container. This became crucial when we needed to add authentication, caching, and database connections to our MCP servers.
Our production setup looks like this:
// Program.cs
using Microsoft.Extensions.DependencyInjection;
using Microsoft.Extensions.Hosting;
using Microsoft.Extensions.Logging;var builder = Host.CreateApplicationBuilder(args);
// Add standard .NET services
builder.Services.AddLogging();
builder.Services.AddDbContext(options =>
options.UseSqlServer(builder.Configuration.GetConnectionString("DefaultConnection")));
// Add our business services
builder.Services.AddScoped();
builder.Services.AddScoped();
builder.Services.AddMemoryCache();
// Register the MCP server
builder.Services.AddSingleton();
var app = builder.Build();
// Start the MCP server
var mcpServer = app.Services.GetRequiredService();
await mcpServer.RunAsync();
This approach meant our MCP server automatically got access to our existing authentication middleware, database context, and caching layer. No additional wiring requiredâit just works.
The impact on our development velocity was immediate. When the marketing team asked for a similar server to access campaign data, we had a working prototype in two hours. The same patterns, the same infrastructure, just different data models.
Security: Lessons Learned the Hard Way
I'll be honestâour first attempt at MCP security was naive. We figured since the server was internal, basic API key authentication would suffice. Then our security team saw the logs.
"You're exposing customer data to an AI system with minimal access controls," they said. They were right. We needed enterprise-grade security from day one.
Here's the authentication system we built, which has served us well in production:
public class SecureMcpServer : McpServer
{
private readonly IAuthenticationService _authService;
private readonly IAuthorizationService _authzService; protected override async Task AuthenticateAsync(string authToken, ClaimsPrincipal user)
{
try
{
var principal = await _authService.ValidateTokenAsync(authToken);
if (principal == null) return false;
// Set user context for this request
HttpContext.Current.User = principal;
return true;
}
catch (SecurityTokenException ex)
{
_logger.LogWarning("Authentication failed: {Error}", ex.Message);
return false;
}
}
protected override async Task AuthorizeToolAsync(string toolName, ClaimsPrincipal user)
{
var resource = new { Tool = toolName, Type = "MCP" };
var requirement = new OperationAuthorizationRequirement { Name = "Execute" };
var result = await _authzService.AuthorizeAsync(user, resource, requirement);
return result.Succeeded;
}
}
This integration with ASP.NET Core's authentication and authorization system meant our MCP servers inherited all our existing security policies. Role-based access control, Azure AD integration, audit loggingâeverything worked automatically.
The breakthrough moment came when our compliance team audited the system. Instead of finding security gaps, they praised the granular access controls and detailed audit trails. That's when I knew we'd built something sustainable.
Real-World Enterprise Integration: The SharePoint Challenge
Six months after our initial success, the legal department approached us with an ambitious request. They wanted Claude to help them search through thousands of SharePoint documents, but with strict access controls based on document permissions.
This became our most complex MCP implementation, but it also showcased the power of the C# ecosystem. Using Microsoft Graph SDK alongside our MCP server, we created something truly powerful:
public class SharePointMcpServer : McpServer
{
private readonly GraphServiceClient _graphClient;
private readonly IUserPermissionService _permissionService; public SharePointMcpServer(GraphServiceClient graphClient, IUserPermissionService permissionService)
{
_graphClient = graphClient;
_permissionService = permissionService;
RegisterTool("search_documents", SearchDocumentsAsync);
RegisterTool("get_document_summary", GetDocumentSummaryAsync);
RegisterTool("find_similar_cases", FindSimilarCasesAsync);
}
private async Task SearchDocumentsAsync(ToolCall call)
{
var query = call.Arguments["query"]?.ToString();
var documentType = call.Arguments["documentType"]?.ToString();
var dateRange = call.Arguments["dateRange"]?.ToString();
if (string.IsNullOrEmpty(query))
{
return ToolResult.Error("Search query cannot be empty");
}
try
{
var currentUser = HttpContext.Current.User;
var searchQuery = BuildSearchQuery(query, documentType, dateRange);
var searchResults = await _graphClient.Search.Query
.PostAsync(new SearchRequest
{
Requests = new[]
{
new SearchRequestObject
{
EntityTypes = new[] { EntityType.DriveItem },
Query = new SearchQuery { QueryString = searchQuery },
Size = 25
}
}
});
var filteredResults = new List();
foreach (var hit in searchResults.Value[0].HitsContainers[0].Hits)
{
var documentId = hit.Resource.AdditionalData["id"]?.ToString();
if (await _permissionService.CanUserAccessDocumentAsync(currentUser, documentId))
{
filteredResults.Add(new DocumentResult
{
Title = hit.Resource.AdditionalData["name"]?.ToString(),
Url = hit.Resource.AdditionalData["webUrl"]?.ToString(),
Summary = hit.Summary,
LastModified = DateTime.Parse(hit.Resource.AdditionalData["lastModifiedDateTime"]?.ToString()),
Author = hit.Resource.AdditionalData["author"]?.ToString()
});
}
}
_logger.LogInformation("Document search completed. Query: {Query}, Results: {Count}", query, filteredResults.Count);
return ToolResult.Success(new
{
Query = query,
TotalResults = filteredResults.Count,
Documents = filteredResults.Take(10), // Return top 10 for AI processing
Message = filteredResults.Count > 10
? $"Showing top 10 of {filteredResults.Count} accessible documents"
: $"Found {filteredResults.Count} accessible documents"
});
}
catch (Exception ex)
{
_logger.LogError(ex, "Error searching SharePoint documents");
return ToolResult.Error("Failed to search documents. Please try again with a different query.");
}
}
}
The lawyers were amazed. They could now ask questions like "Find all contracts related to data processing from the last two years" and get accurate, permission-filtered results instantly. What used to take hours of manual searching now happened in seconds.
But the real win was the permission filtering. Each user only saw documents they had access to, maintaining SharePoint's security model while enabling AI assistance. This became our template for all future integrations with Microsoft 365 services.
Performance at Scale: Handling 50,000 Daily Requests
By month eight, our MCP servers were handling serious traffic. The customer data server alone was processing 15,000 requests daily, and response times were starting to creep up. This is where the C# ecosystem really shined.
First, we implemented intelligent caching using .NET's built-in IMemoryCache:
public class CachedCustomerDataServer : CustomerDataServer
{
private readonly IMemoryCache _cache;
private readonly ILogger _logger; public CachedCustomerDataServer(
IMemoryCache cache,
ILogger logger,
ICustomerRepository customerRepository)
: base(logger, customerRepository)
{
_cache = cache;
_logger = logger;
}
protected override async Task SearchCustomersAsync(ToolCall call)
{
var cacheKey = GenerateCacheKey(call.Arguments);
if (_cache.TryGetValue(cacheKey, out var cachedResult))
{
_logger.LogDebug("Cache hit for customer search: {CacheKey}", cacheKey);
return (ToolResult)cachedResult;
}
var result = await base.SearchCustomersAsync(call);
if (result.IsSuccess)
{
var cacheOptions = new MemoryCacheEntryOptions
{
AbsoluteExpirationRelativeToNow = TimeSpan.FromMinutes(10),
SlidingExpiration = TimeSpan.FromMinutes(5),
Priority = CacheItemPriority.High
};
_cache.Set(cacheKey, result, cacheOptions);
_logger.LogDebug("Cached customer search result: {CacheKey}", cacheKey);
}
return result;
}
private string GenerateCacheKey(Dictionary arguments)
{
var keyBuilder = new StringBuilder("customer_search:");
foreach (var kvp in arguments.OrderBy(x => x.Key))
{
keyBuilder.Append($"{kvp.Key}={kvp.Value};");
}
return keyBuilder.ToString();
}
}
The impact was immediateâaverage response time dropped from 850ms to 120ms for cached queries. But we needed more than just caching for true scalability.
Next, we implemented connection pooling and async optimization. The Entity Framework integration made this straightforward:
public class OptimizedCustomerRepository : ICustomerRepository
{
private readonly CrmDbContext _context;
private readonly ILogger _logger; public async Task> SearchAsync(CustomerSearchRequest request)
{
var query = _context.Customers.AsQueryable();
// Build the query incrementally for better performance
if (!string.IsNullOrEmpty(request.Query))
{
query = query.Where(c =>
c.CompanyName.Contains(request.Query) ||
c.PrimaryContact.Contains(request.Query) ||
c.Description.Contains(request.Query));
}
if (!string.IsNullOrEmpty(request.Region))
{
query = query.Where(c => c.Region == request.Region);
}
if (request.MinimumDealSize.HasValue)
{
query = query.Where(c => c.CurrentDealValue >= request.MinimumDealSize.Value);
}
// Use async enumerable for large result sets
var customers = await query
.OrderByDescending(c => c.CurrentDealValue)
.Take(50) // Reasonable limit for AI processing
.ToListAsync();
_logger.LogInformation("Customer search completed. Query: {Query}, Results: {Count}",
request.Query, customers.Count);
return customers;
}
}
These optimizations, combined with Azure's auto-scaling capabilities, meant our MCP servers could handle traffic spikes without degradation. During our biggest sales quarter, we processed over 75,000 requests in a single day without any performance issues.
The Monitoring and Debugging Breakthrough
One challenge we didn't anticipate was debugging AI interactions. When Claude gives an unexpected response, is it the AI model, the MCP server, or the underlying data? Traditional logging wasn't enough.
We solved this by implementing comprehensive telemetry using Application Insights:
public class InstrumentedMcpServer : McpServer
{
private readonly TelemetryClient _telemetryClient;
private readonly ILogger _logger; protected override async Task ExecuteToolAsync(string toolName, ToolCall call)
{
using var activity = StartActivity(toolName, call);
try
{
var result = await base.ExecuteToolAsync(toolName, call);
TrackToolExecution(toolName, call, result, activity);
return result;
}
catch (Exception ex)
{
TrackToolFailure(toolName, call, ex, activity);
throw;
}
}
private Activity StartActivity(string toolName, ToolCall call)
{
var activity = new Activity($"MCP.Tool.{toolName}");
activity.SetTag("tool.name", toolName);
activity.SetTag("tool.arguments", JsonSerializer.Serialize(call.Arguments));
activity.SetTag("user.id", HttpContext.Current.User?.Identity?.Name ?? "anonymous");
return activity.Start();
}
private void TrackToolExecution(string toolName, ToolCall call, ToolResult result, Activity activity)
{
var telemetry = new EventTelemetry("MCP.Tool.Executed");
telemetry.Properties["ToolName"] = toolName;
telemetry.Properties["Success"] = result.IsSuccess.ToString();
telemetry.Properties["Duration"] = activity.Duration.TotalMilliseconds.ToString();
if (result.IsSuccess)
{
telemetry.Properties["ResultType"] = result.Content?.GetType()?.Name ?? "Unknown";
}
else
{
telemetry.Properties["ErrorMessage"] = result.ErrorMessage;
}
_telemetryClient.TrackEvent(telemetry);
_logger.LogInformation("Tool {ToolName} executed in {Duration}ms. Success: {Success}",
toolName, activity.Duration.TotalMilliseconds, result.IsSuccess);
}
}
This telemetry proved invaluable during production debugging. When users reported "Claude gave me weird results," we could trace the exact tool calls, data returned, and processing time. More importantly, we could identify patterns in failed requests and proactively fix issues.
The Azure dashboard we built from this telemetry became essential for our operations team. They could see real-time usage patterns, identify slow queries, and monitor error rates across all our MCP servers.
Testing: The Foundation of Reliable AI Integrations
One of our biggest learnings was that traditional unit testing wasn't sufficient for MCP servers. We needed integration tests that could simulate real AI interactions. Here's the testing framework we developed:
[TestClass]
public class CustomerDataServerIntegrationTests
{
private TestHost _testHost;
private CustomerDataServer _mcpServer;
private CrmDbContext _testDb; [TestInitialize]
public async Task Setup()
{
var builder = Host.CreateApplicationBuilder();
// Use in-memory database for testing
builder.Services.AddDbContext(options =>
options.UseInMemoryDatabase($"TestDb_{Guid.NewGuid()}"));
builder.Services.AddScoped();
builder.Services.AddSingleton();
builder.Services.AddLogging();
_testHost = builder.Build();
await _testHost.StartAsync();
_mcpServer = _testHost.Services.GetRequiredService();
_testDb = _testHost.Services.GetRequiredService();
await SeedTestDataAsync();
}
[TestMethod]
public async Task SearchCustomers_WithValidQuery_ReturnsMatchingCustomers()
{
// Arrange
var toolCall = new ToolCall("search_customers", new Dictionary
{
["query"] = "Acme Corp",
["region"] = "California"
});
// Act
var result = await _mcpServer.ExecuteToolAsync("search_customers", toolCall);
// Assert
Assert.IsTrue(result.IsSuccess);
var customers = JsonSerializer.Deserialize(result.Content.ToString());
Assert.IsTrue(customers.Any(c => c.CompanyName.Contains("Acme")));
Assert.IsTrue(customers.All(c => c.Region == "California"));
}
[TestMethod]
public async Task SearchCustomers_WithInvalidDealSize_ReturnsError()
{
// Arrange
var toolCall = new ToolCall("search_customers", new Dictionary
{
["query"] = "test",
["minimumDealSize"] = "not-a-number"
});
// Act
var result = await _mcpServer.ExecuteToolAsync("search_customers", toolCall);
// Assert
Assert.IsFalse(result.IsSuccess);
Assert.IsTrue(result.ErrorMessage.Contains("Invalid deal size format"));
}
private async Task SeedTestDataAsync()
{
var customers = new[]
{
new Customer { CompanyName = "Acme Corp", Region = "California", CurrentDealValue = 150000 },
new Customer { CompanyName = "Tech Solutions Inc", Region = "Texas", CurrentDealValue = 75000 },
new Customer { CompanyName = "Global Industries", Region = "California", CurrentDealValue = 200000 }
};
_testDb.Customers.AddRange(customers);
await _testDb.SaveChangesAsync();
}
[TestCleanup]
public async Task Cleanup()
{
if (_testHost != null)
{
await _testHost.StopAsync();
_testHost.Dispose();
}
}
}
These integration tests caught numerous edge cases that unit tests missed. More importantly, they gave us confidence when deploying updates to production. Our CI/CD pipeline runs these tests automatically, and we've prevented several regressions as a result.
The Deployment Story: From Local to Azure
Getting our MCP servers into production required solving several infrastructure challenges. We needed high availability, automatic scaling, and seamless updates without disrupting AI interactions.
Our solution leveraged Azure Container Apps with some custom tooling:
FROM mcr.microsoft.com/dotnet/aspnet:8.0 AS base
WORKDIR /app
EXPOSE 80
EXPOSE 443FROM mcr.microsoft.com/dotnet/sdk:8.0 AS build
WORKDIR /src
COPY ["CustomerDataServer/CustomerDataServer.csproj", "CustomerDataServer/"]
RUN dotnet restore "CustomerDataServer/CustomerDataServer.csproj"
COPY . .
WORKDIR "/src/CustomerDataServer"
RUN dotnet build "CustomerDataServer.csproj" -c Release -o /app/build
FROM build AS publish
RUN dotnet publish "CustomerDataServer.csproj" -c Release -o /app/publish
FROM base AS final
WORKDIR /app
COPY --from=publish /app/publish .
Health check endpoint
HEALTHCHECK --interval=30s --timeout=3s --start-period=5s --retries=3 \
CMD curl -f http://localhost:80/health || exit 1ENTRYPOINT ["dotnet", "CustomerDataServer.dll"]
The Azure deployment configuration uses Container Apps for automatic scaling:
azure-container-app.yml
apiVersion: containerapp/v1
kind: ContainerApp
metadata:
name: customer-data-mcp-server
spec:
configuration:
ingress:
external: false
targetPort: 80
secrets:
name: db-connection-string
value: "Server=..."
name: azure-ad-client-secret
value: "..."
template:
containers:
name: mcp-server
image: myregistry.azurecr.io/customer-data-server:latest
env:
name: ConnectionStrings__DefaultConnection
secretRef: db-connection-string
name: AzureAd__ClientSecret
secretRef: azure-ad-client-secret
name: ASPNETCORE_ENVIRONMENT
value: Production
resources:
cpu: 1.0
memory: 2.0Gi
scale:
minReplicas: 2
maxReplicas: 10
rules:
name: http-requests
http:
metadata:
concurrentRequests: 30
This setup has served us well through multiple high-traffic periods. The automatic scaling has handled demand spikes seamlessly, and the health checks ensure problematic instances are replaced quickly.
Lessons Learned and Best Practices
After a year of running MCP servers in production, here are the key lessons that will save you time and headaches:
Start with security, not as an afterthought. Our initial "we'll add auth later" approach cost us weeks of rework. Build authentication and authorization into your first prototype. Your security team will thank you, and you'll avoid technical debt.
Embrace the .NET ecosystem fully. Don't try to reinvent logging, configuration, or dependency injection. The MCP C# SDK works beautifully with existing .NET patterns. Use what you know.
Design for debugging from day one. AI interactions are complex, and when things go wrong, you need detailed telemetry. Invest in comprehensive logging and monitoring early. It pays dividends during production troubleshooting.
Test with realistic data and scenarios. Your test database with 10 clean records won't reveal the issues you'll face with 10 million messy production records. Use production-like data in your testing environment.
Cache aggressively, but invalidate intelligently. Caching can dramatically improve performance, but stale data in AI responses erodes trust quickly. Build cache invalidation into your data update workflows.
Plan for scale from the beginning. Even if you're starting small, design your MCP servers to handle 10x your initial traffic. The architecture decisions you make early are expensive to change later.
The Future: What's Next for MCP in .NET
The momentum behind MCP in the .NET community is incredible. Microsoft's integration with Azure AI services is deepening, and the tooling keeps getting better. We're already experimenting with the upcoming MCP 2.0 features, including improved streaming support and enhanced security protocols.
One area I'm particularly excited about is the integration with .NET Aspire. The distributed application toolkit makes it easier than ever to build complex MCP architectures with multiple specialized servers. Our next major project involves rebuilding our entire AI infrastructure as an Aspire application.
The community is also contributing amazing extensions. Third-party libraries for common patterns like rate limiting, request validation, and schema generation are emerging. The ecosystem is maturing rapidly.
Your Next Steps
If you're considering MCP for your .NET applications, my advice is simple: start small, but start today. Pick one use case that's causing pain in your organizationâcustomer data lookup, document search, inventory queriesâand build a focused MCP server around it.
The C# SDK makes it straightforward to get started, and the integration with your existing .NET infrastructure means you can leverage everything you've already built. Don't wait for the perfect architecture; build something useful and iterate.
The transformation our team experienced with MCP wasn't just about technologyâit was about fundamentally changing how we think about AI integration. Instead of building custom solutions for each use case, we now have a standardized platform that works across any AI model.
Ready to get started? The MCP C# SDK documentation is comprehensive, and the community on Discord is incredibly helpful. The hardest part is taking that first step.
Your AI-powered future is waiting. Let's build it together.