Tool calling: AI agents securely call external tools using scoped tokens and delegated authentication and authorization, bypassing login redirects and user sessions. These guides show you how to protect your OpenAPI tools and MCP servers in Azure App Service so only authorized users and agents can access them. Secure your AI-powered applications with Microsoft Entra. This guide covers the complete security architecture for production AI agents: identity management, OAuth 2. MCP essentially acts as a bridge between an AI model and real-world services, enabling the agent to execute commands, fetch data, and perform transactions on a user's behalf.