[BUG] Azure MCP server could not access a resource to which I have only resource-level access #1655

@alzhang-git

Describe the bug

  1. I have access to an Azure AI Search resource at the resource level, not at the subscription level. I do not own that sub and have no access to that sub.

  2. I configure the Azure MCP server and install the plugin successfully.

  3. I then use az login and select a subscription as prompted. I can't select the sub mentioned in Update README.md #1

When entering a prompt which triggers the MCP plugin, I always get the error below saying I do not have access.
Though in Python code, I can access the resource using DefaultAzureCredential().

Is there a way to fix this in the MCP route?

✗ Azure AI Search
{ "status": 500, "message": "Error retrieving Search index details: Service request failed.\r\nStatus: 403 (Forbidden)\r\n\r\nHeaders:\r\nTransfer-Encoding:
chunked\r\nStrict-Transport-Security: REDACTED\r\nPreference-Applied: REDACTED\r\nclient-request-id: 7296506a-8dd1-43e8-9da5-07823ecc108d\r\nx-ms-client-request-id:
7296506a-8dd1-43e8-9da5-07823ecc108d\r\nrequest-id: 7296506a-8dd1-43e8-9da5-07823ecc108d\r\nelapsed-time: 30\r\nDate: Thu, 05 Feb 2026 05:33:47 GMT\r\nContent-Language:
REDACTED\r\n. To mitigate this issue, please refer to the troubleshooting guidelines here at https://aka.ms/azmcp/troubleshooting (https://aka.ms/azmcp/troubleshooting)
.", "results": { "message": "Error retrieving Search index details: Service request failed.\r\nStatus: 403 (Forbidden)\r\n\r\nHeaders:\r\nTransfer-Encoding:
chunked\r\nStrict-Transport-Security: REDACTED\r\nPreference-Applied: REDACTED\r\nclient-request-id: 7296506a-8dd1-43e8-9da5-07823ecc108d\r\nx-ms-client-request-id:
7296506a-8dd1-43e8-9da5-07823ecc108d\r\nrequest-id: 7296506a-8dd1-43e8-9da5-07823ecc108d\r\nelapsed-time: 30\r\nDate: Thu, 05 Feb 2026 05:33:47 GMT\r\nContent-Language:
REDACTED\r\n", "type": "Exception" }, "duration": 0 }

Expected behavior

Have access

Actual behavior

Always get error

Reproduction Steps

  1. Create a resource with resource-level access only
  2. Set up MCP
  3. az login, select a sub
  4. Try to invoke MCP
  5. Get the error

Environment

Production global Azure, on Windows.

Labels

customer-reported
needs-team-attention (Workflow: This issue needs attention from Azure service team or MCP team.)
question (Further information is requested)
server-Azure.Mcp (Azure.Mcp.Server)
tools-Core (AZMCP Core functionality that all other tools build on top of)
tools-Search (Search)
