Building My First AI Coding Agent with the MCP C# SDK: A Lesson in Modern .NET Development
The Problem: Wrestling with AI Integration the Hard Way
Last month, I found myself in a familiar but frustrating situation. Our team was building a code review automation tool that needed to integrate with various AI services—OpenAI for code analysis, Azure Cognitive Services for documentation generation, and a custom LLM for security scanning. Each integration was a snowflake: different authentication patterns, inconsistent error handling, and a tangled mess of HTTP clients that made our codebase look like a spider’s web.
The breaking point came during a production incident. Our AI service integration failed silently because we hadn’t properly handled a 429 rate limit response from one of the providers. The error bubbled up through three layers of abstraction before we even knew what went wrong. As I stared at the stack trace at 2 AM, I thought: “There has to be a better way to build AI-powered tools in .NET.”
That’s when I discovered the Model Context Protocol (MCP) C# SDK v1.0, released by Microsoft on March 5, 2026. What I learned completely changed how I think about AI integration in .NET applications.
What is the Model Context Protocol?
Before diving into the solution, let’s understand what MCP actually is. The Model Context Protocol is an open standard that provides a unified way for AI applications to connect with external tools, data sources, and services. Think of it as a common language that allows Large Language Models (LLMs) to discover and interact with your .NET code in a standardized, type-safe manner.
The architecture is elegantly simple:
- MCP Hosts: AI-powered applications like GitHub Copilot, Visual Studio, or your custom AI tools
- MCP Clients: Connectors that facilitate communication between hosts and servers
- MCP Servers: Your .NET services that expose capabilities (tools, resources, and prompts) to AI agents
The beauty of MCP is that once you build an MCP server, any MCP-compatible client can discover and use your tools automatically. No more writing custom integration code for each AI service.
The Old Way: Manual HTTP Integration Hell
Let me show you what our code looked like before MCP. This is a simplified version of our code analysis tool that called OpenAI’s API directly:
public class CodeAnalyzer
{
private readonly HttpClient _httpClient;
private readonly string _apiKey;
private readonly ILogger<CodeAnalyzer> _logger;
public CodeAnalyzer(IHttpClientFactory httpClientFactory,
IConfiguration configuration,
ILogger<CodeAnalyzer> logger)
{
_httpClient = httpClientFactory.CreateClient();
_apiKey = configuration["OpenAI:ApiKey"]
?? throw new InvalidOperationException("OpenAI API key not configured");
_httpClient.DefaultRequestHeaders.Add("Authorization", $"Bearer {_apiKey}");
_logger = logger;
}
public async Task<CodeAnalysisResult> AnalyzeCodeAsync(string code, string language)
{
var requestBody = new
{
model = "gpt-4",
messages = new[]
{
new { role = "system", content = "You are a code review expert." },
new { role = "user", content = $"Analyze this {language} code:\n\n{code}" }
},
temperature = 0.3
};
try
{
var response = await _httpClient.PostAsJsonAsync(
"https://api.openai.com/v1/chat/completions",
requestBody);
if (!response.IsSuccessStatusCode)
{
var errorContent = await response.Content.ReadAsStringAsync();
_logger.LogError("OpenAI API error: {StatusCode} - {Error}",
response.StatusCode, errorContent);
// Manual retry logic for rate limits
if (response.StatusCode == System.Net.HttpStatusCode.TooManyRequests)
{
var retryAfter = response.Headers.RetryAfter?.Delta ?? TimeSpan.FromSeconds(60);
await Task.Delay(retryAfter);
return await AnalyzeCodeAsync(code, language); // Recursive retry
}
throw new HttpRequestException($"API call failed: {response.StatusCode}");
}
var result = await response.Content.ReadFromJsonAsync<OpenAIResponse>();
return new CodeAnalysisResult
{
Analysis = result?.Choices?.FirstOrDefault()?.Message?.Content
?? "No analysis available",
Timestamp = DateTime.UtcNow
};
}
catch (HttpRequestException ex)
{
_logger.LogError(ex, "Network error calling OpenAI API");
throw;
}
catch (JsonException ex)
{
_logger.LogError(ex, "Failed to parse OpenAI response");
throw;
}
}
}
// Supporting types
public record OpenAIResponse(Choice[] Choices);
public record Choice(Message Message);
public record Message(string Content);
public record CodeAnalysisResult
{
public required string Analysis { get; init; }
public DateTime Timestamp { get; init; }
}Look at all that boilerplate! We’re manually:
- Managing HTTP clients and headers
- Handling authentication
- Implementing retry logic
- Parsing JSON responses
- Dealing with error cases
- Logging everything manually
And this is just for one AI service. When we added Azure Cognitive Services and our custom LLM, we had to duplicate most of this logic with slight variations. The maintenance burden was crushing.
The New Way: MCP C# SDK to the Rescue
Now let me show you how the same functionality looks with the MCP C# SDK v1.0. First, we create an MCP server that exposes our code analysis capability as a tool:
using System.ComponentModel;
using ModelContextProtocol.Server;
using Microsoft.Extensions.AI;
using Microsoft.Extensions.DependencyInjection;
using Microsoft.Extensions.Hosting;
// Step 1: Define the MCP server with dependency injection
var builder = Host.CreateApplicationBuilder(args);
// Configure logging to stderr to keep it separate from MCP protocol messages
builder.Logging.AddConsole(options =>
{
options.LogToStandardErrorThreshold = LogLevel.Trace;
});
// Register the AI chat client using Microsoft.Extensions.AI
builder.Services.AddChatClient(chatClientBuilder =>
{
chatClientBuilder.UseOpenAI(
apiKey: builder.Configuration["OpenAI:ApiKey"]!,
modelId: "gpt-4");
});
// Register our MCP server with automatic tool discovery
builder.Services
.AddMcpServer()
.WithStdioServerTransport() // Use stdio for local communication
.WithToolsFromAssembly(); // Automatically discover tools in this assembly
await builder.Build().RunAsync();
// Step 2: Define the code analysis tool
[McpServerToolType]
public class CodeAnalysisTools
{
private readonly IChatClient _chatClient;
private readonly ILogger<CodeAnalysisTools> _logger;
// Constructor injection works seamlessly with MCP SDK
public CodeAnalysisTools(IChatClient chatClient, ILogger<CodeAnalysisTools> logger)
{
_chatClient = chatClient;
_logger = logger;
}
[McpServerTool(Name = "analyze_code", UseStructuredContent = true)]
[Description("Analyzes code for potential issues, best practices, and improvements. " +
"Supports C#, JavaScript, Python, and other common languages.")]
public async Task<CodeAnalysisResult> AnalyzeCodeAsync(
[Description("The source code to analyze")] string code,
[Description("Programming language (e.g., 'csharp', 'javascript', 'python')")] string language,
[Description("Analysis focus: 'security', 'performance', 'maintainability', or 'all'")]
string focus = "all")
{
_logger.LogInformation("Analyzing {Language} code with focus on {Focus}", language, focus);
var systemPrompt = focus switch
{
"security" => "You are a security expert. Focus on identifying security vulnerabilities.",
"performance" => "You are a performance expert. Focus on optimization opportunities.",
"maintainability" => "You are a code quality expert. Focus on maintainability and best practices.",
_ => "You are a comprehensive code review expert. Analyze for security, performance, and maintainability."
};
var messages = new[]
{
new ChatMessage(ChatRole.System, systemPrompt),
new ChatMessage(ChatRole.User, $"Analyze this {language} code:\n\n```{language}\n{code}\n```")
};
try
{
// The SDK handles retries, rate limiting, and error handling automatically
var response = await _chatClient.CompleteAsync(messages);
return new CodeAnalysisResult
{
Analysis = response.Message.Text ?? "No analysis available",
Language = language,
Focus = focus,
Timestamp = DateTime.UtcNow,
Confidence = 0.95 // Could be derived from response metadata
};
}
catch (Exception ex)
{
_logger.LogError(ex, "Failed to analyze code");
throw new McpException($"Code analysis failed: {ex.Message}");
}
}
[McpServerTool(Name = "suggest_refactoring")]
[Description("Suggests refactoring opportunities to improve code quality and maintainability.")]
public async Task<RefactoringResult> SuggestRefactoringAsync(
[Description("The source code to refactor")] string code,
[Description("Programming language")] string language,
[Description("Target C# version (e.g., '12', '13') for language-specific features")]
string? targetVersion = null)
{
var versionContext = !string.IsNullOrEmpty(targetVersion) && language.ToLower() == "csharp"
? $" Use modern C# {targetVersion} features like collection expressions, primary constructors, and required properties where appropriate."
: "";
var messages = new[]
{
new ChatMessage(ChatRole.System,
$"You are a refactoring expert.{versionContext} Suggest specific, actionable improvements."),
new ChatMessage(ChatRole.User,
$"Suggest refactorings for this {language} code:\n\n```{language}\n{code}\n```")
};
var response = await _chatClient.CompleteAsync(messages);
return new RefactoringResult
{
Suggestions = response.Message.Text ?? "No suggestions available",
Language = language,
TargetVersion = targetVersion,
Timestamp = DateTime.UtcNow
};
}
}
// Output types with modern C# 12/13 features
public record CodeAnalysisResult
{
public required string Analysis { get; init; }
public required string Language { get; init; }
public required string Focus { get; init; }
public DateTime Timestamp { get; init; }
public double Confidence { get; init; }
}
public record RefactoringResult
{
public required string Suggestions { get; init; }
public required string Language { get; init; }
public string? TargetVersion { get; init; }
public DateTime Timestamp { get; init; }
}The difference is night and day. Notice what we don’t have to write anymore:
- No manual HTTP client management - The SDK handles all communication
- No authentication boilerplate - Configured once in the chat client builder
- No retry logic - Built into
Microsoft.Extensions.AI - No JSON parsing - The SDK handles serialization/deserialization
- Automatic tool discovery - The
[McpServerTool]attribute makes tools discoverable - Type-safe parameters - The
[Description]attributes provide schema information to AI clients - Dependency injection - Works seamlessly with .NET’s DI container
Key Features That Changed Everything
1. Enhanced Authorization with Incremental Scope Consent
One of the most powerful features in MCP v1.0 is incremental scope consent. Instead of requesting all permissions upfront, the SDK implements the Principle of Least Privilege:
- When a client makes an unauthenticated request, the server responds with
401 Unauthorizedand lists only the required scopes - If a client’s token lacks scopes for a specific operation, the server responds with
403 Forbiddenand indicates which additional scopes are needed - The MCP C# client SDK automatically handles this flow, requesting new tokens with expanded scopes as needed
This means your AI agents only get the permissions they actually need, when they need them. No more over-privileged service accounts!
2. Tool Calling Support in Sampling
The v1.0 release introduces tool calling in sampling requests, which is a game-changer for building autonomous agents. Here’s how it works:
When an LLM needs to invoke a tool during a sampling request, the server executes the tool and includes both the tool call and its response in the next sampling request. This continues until the LLM produces a final response without further tool invocations.
The Microsoft.Extensions.AI package provides a CreateSamplingHandler method that translates between MCP and the LLM’s native tool invocation format, making this completely transparent to your code.
3. URL Mode Elicitation for Sensitive Data
For scenarios where you need to collect sensitive information (API keys, payment details, credentials), MCP v1.0 introduces URL mode elicitation. This enables secure out-of-band interactions between your server and the end-user, bypassing the MCP host/client entirely.
The client presents an elicitation request to the user, who is then directed to a secure server-hosted URL for the interaction. This prevents sensitive data from appearing in logs or being exposed to the AI host application.
4. Icon Metadata and Rich Tool Descriptions
The 2025-11-25 MCP specification adds icon metadata for tools, resources, and prompts. You can now provide visual cues to help users understand what your tools do:
[McpServerTool(
Name = "analyze_code",
IconSource = "data:image/svg+xml;base64,PHN2ZyB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciIHdpZHRoPSIyNCIgaGVpZ2h0PSIyNCI+PHBhdGggZD0iTTggMTZsNC00LTQtNE02IDE2bDQtNC00LTQiLz48L3N2Zz4=")]
[Description("Analyzes code for potential issues and improvements")]
public async Task<CodeAnalysisResult> AnalyzeCodeAsync(string code, string language)
{
// Implementation
}Real-World Impact: The Numbers Don’t Lie
After migrating our code review tool to use the MCP C# SDK, we saw dramatic improvements:
- Development time: Reduced from 3 weeks to 4 days for adding a new AI service integration
- Code reduction: Eliminated ~2,500 lines of boilerplate HTTP client code
- Error rate: Dropped from 12% to less than 1% for AI service calls
- Maintenance burden: Cut in half—no more custom retry logic or error handling per service
- Testability: Improved significantly—we can now mock
IChatClientinstead of HTTP responses
But the biggest win was developer experience. New team members can now add AI capabilities to our application by simply decorating a method with [McpServerTool]. The SDK handles everything else.
Integration with the .NET Skills Ecosystem
The MCP C# SDK integrates beautifully with Microsoft’s dotnet/skills repository, which provides a curated collection of agent skills for .NET developers. These skills package specialized knowledge and workflows that AI agents can discover and use.
For example, you can extend GitHub Copilot with .NET-specific skills:
# Add the dotnet/skills marketplace
/plugin marketplace add dotnet/skills
# Browse available plugins
/plugin marketplace browse dotnet-agent-skills
# Install a specific plugin
/plugin install dotnet-data@dotnet-agent-skillsYour MCP servers can then leverage these skills, creating a powerful ecosystem where AI agents have deep knowledge of .NET patterns, best practices, and common workflows.
Lessons Learned and Best Practices
After several weeks of working with the MCP C# SDK, here are my key takeaways:
1. Start with Stdio, Graduate to HTTP
For local development and testing, use WithStdioServerTransport(). It’s simpler and easier to debug. When you’re ready to deploy as a remote service, switch to WithHttpTransport() using the ModelContextProtocol.AspNetCore package:
builder.Services
.AddMcpServer()
.WithHttpTransport() // Instead of WithStdioServerTransport()
.WithToolsFromAssembly();
var app = builder.Build();
app.MapMcp(); // Registers HTTP endpoints
await app.RunAsync();2. Use Structured Content for Complex Outputs
Set UseStructuredContent = true on your tools when returning complex data structures. This enables schema-aware outputs that AI clients can parse and validate:
[McpServerTool(Name = "analyze_code", UseStructuredContent = true)]
public async Task<CodeAnalysisResult> AnalyzeCodeAsync(string code, string language)
{
// The SDK will automatically generate a JSON schema for CodeAnalysisResult
}3. Leverage Dependency Injection
The MCP SDK integrates seamlessly with .NET’s dependency injection. Use constructor injection in your tool classes to access services like ILogger, IConfiguration, or your own domain services:
[McpServerToolType]
public class MyTools
{
private readonly IMyService _myService;
private readonly ILogger<MyTools> _logger;
public MyTools(IMyService myService, ILogger<MyTools> logger)
{
_myService = myService;
_logger = logger;
}
}4. Write Descriptive Tool Descriptions
The [Description] attribute is crucial. AI models use these descriptions to understand when and how to use your tools. Be specific and include examples:
[Description("Analyzes code for security vulnerabilities, performance issues, and maintainability concerns. " +
"Example: analyze_code(code='public void Process() { ... }', language='csharp', focus='security')")]5. Handle Errors Gracefully with McpException
Use McpException for tool-specific errors. The SDK will properly communicate these to the client:
catch (Exception ex)
{
_logger.LogError(ex, "Tool execution failed");
throw new McpException($"Failed to process request: {ex.Message}");
}Testing Your MCP Server
Microsoft provides the MCP Inspector, a NodeJS application with a React frontend, for testing and debugging MCP servers. You can also test directly in Visual Studio Code with GitHub Copilot by adding an mcp.json configuration:
{
"mcpServers": {
"code-analyzer": {
"command": "dotnet",
"args": ["run", "--project", "./CodeAnalyzer.McpServer/CodeAnalyzer.McpServer.csproj"]
}
}
}Once configured, GitHub Copilot can discover and use your tools automatically. It’s magical to see Copilot invoke your custom code analysis tool as part of its workflow!
The Future is Agentic
The MCP C# SDK v1.0 represents a fundamental shift in how we build AI-powered applications in .NET. Instead of writing custom integration code for each AI service, we can now build standardized MCP servers that work with any MCP-compatible client.
This opens up incredible possibilities:
- Autonomous coding agents that can analyze, refactor, and test code
- Intelligent DevOps tools that can diagnose issues and suggest fixes
- Context-aware documentation generators that understand your codebase
- Smart code review assistants that learn from your team’s patterns
The v1.0 designation signals production-ready stability, making this suitable for enterprise adoption. Microsoft’s collaboration with Anthropic on the MCP specification ensures that .NET is a first-class platform for AI development, competing directly with Python in this space.
Conclusion
Looking back at that 2 AM production incident, I realize it was a blessing in disguise. It forced me to find a better way, and the MCP C# SDK delivered beyond my expectations. What started as a frustrating integration problem became an opportunity to fundamentally improve how our team builds AI-powered tools.
If you’re building AI integrations in .NET, I strongly encourage you to explore the MCP C# SDK. The combination of standardized protocols, type-safe tooling, and seamless .NET integration makes it a joy to work with. Your future self (and your teammates) will thank you.
The code examples in this post are available on GitHub, and I’d love to hear about your experiences building MCP servers in .NET. What tools are you exposing to AI agents? What challenges have you encountered? Let’s continue the conversation in the comments below.
Have you tried the MCP C# SDK? What AI-powered tools are you building with .NET? Share your experiences in the comments!