cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results forย 
Search instead forย 
Did you mean:ย 
Help
Generative AI
Explore discussions on generative artificial intelligence techniques and applications within the Databricks Community. Share ideas, challenges, and breakthroughs in this cutting-edge field.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results forย 
Search instead forย 
Did you mean:ย 

Managed MCP Server for Visual Studio Code and GitHub Copilot?

excavator-matt
Contributor III

โ€Ž01-29-2026 04:07 AM - edited โ€Ž01-29-2026 04:23 AM

Hi!

I am starting to explore the new managed Model Context Protocol (MCP) server with GitHub Copilot. I have successfully configured it to use the DBSQL MCP Server that you currently find in AI/ML -> Agents -> MCP Servers. As also shown in this post if you add the follow config to mcp.json.

```json
{
"servers": {
"databricks-sql": {
"url": "https://<workspace_host>/api/2.0/mcp/sql",
"type": "http",
"headers": {
"Authorization": "Bearer <PAT>"
}
}
},
"inputs": []
}```
However, as also stated in the official documentation, you are supposed to use OAuth in an OAuth app. The wizard for the OAuth app prompts for a Redirect URL, but it currently doesn't give any instructions on what this would be for Visual Studio Code or GitHub Copilot. Has anyone managed to figured this out? The only clue we get is

* Web-based clients: https://<domain>/oauth/callback or https://<domain>/api/mcp/auth_callback
* Local development tools: http://localhost:<port>/oauth/callback

What am I expected to put in my mcp.json?

2 REPLIES 2

excavator-matt
Contributor III

โ€Ž02-02-2026 06:54 AM - edited โ€Ž02-02-2026 06:56 AM

I don't know if I am on the right track (I can't believe how difficult this was), but according to this documentation, a redirect URL for Copilot in Visual Studio according to this extention guide could be: http://127.0.0.1:33418  and https://vscode.dev/redirect  .

We could try to enter these in the Databricks OAuth application. The question is however still what the mcp.json config would be. Copilot gives me some suggestions, but they not even worth trying. The Command Palette Wizard for MCP servers also crashes.

SteveOstrowski
Databricks Employee
Databricks Employee

2 weeks ago

Hi @excavator-matt,

The Databricks documentation page "Connect clients to MCP servers" covers OAuth setup for several popular MCP clients. VS Code with GitHub Copilot is not yet listed as a named example on that page, but the approach that works is the same pattern used for Cursor and Windsurf, which relies on the mcp-remote npm package to proxy the OAuth flow.

Here is the end-to-end walkthrough:


STEP 1: CREATE A DATABRICKS OAUTH APP

In your Databricks account console, go to Settings > App Connections > Add connection. Configure it as follows:

- Name: something descriptive, e.g. vscode-mcp-client
- Redirect URLs: http://localhost:3334/oauth/callback
(this is the default callback port that mcp-remote uses; if you change the port with --callback-port, update the redirect URL to match)
- Client type: Public (uncheck "Generate a client secret")
- Scopes: all-apis (or for tighter permissions use genie, unity-catalog, offline_access)

You can also create it via the Databricks CLI:

databricks account custom-app-integration create --json '{
"name": "vscode-mcp-client",
"redirect_urls": ["http://localhost:3334/oauth/callback"],
"confidential": false,
"scopes": ["all-apis"],
"token_access_policy": {
"access_token_ttl_in_minutes": 60,
"refresh_token_ttl_in_minutes": 10080
}
}'

Note the client_id that is returned.


STEP 2: CONFIGURE VS CODE

VS Code reads MCP server definitions from .vscode/mcp.json in your workspace or from your user-level MCP configuration (open via the command palette: "MCP: Open User Configuration").

Option A: OAuth via mcp-remote (works with all recent VS Code versions)

Add this to your mcp.json:

{
"servers": {
"databricks-sql": {
"command": "npx",
"args": [
"mcp-remote",
"https://<your-workspace-hostname>/api/2.0/mcp/sql",
"--static-oauth-client-info",
"{ \"client_id\": \"<your-oauth-client-id>\" }"
]
}
}
}

Replace <your-workspace-hostname> with your Databricks workspace URL (e.g. adb-1234567890123456.12.azuredatabricks.net) and <your-oauth-client-id> with the client ID from step 1.

When you first invoke a tool from this server, mcp-remote will open a browser window to complete the OAuth login. After you authenticate, the token is cached locally and refreshed automatically.

Option B: Native MCP OAuth (VS Code 1.101+, May 2025 and later)

VS Code 1.101 introduced built-in support for the MCP authorization specification, which means MCP servers that implement OAuth natively can be authenticated without mcp-remote. The Databricks managed MCP endpoints support the streamable HTTP transport with OAuth. If you are on VS Code 1.101 or newer, you can try:

{
"servers": {
"databricks-sql": {
"type": "http",
"url": "https://<your-workspace-hostname>/api/2.0/mcp/sql"
}
}
}

VS Code should detect that the server requires authentication and initiate the OAuth flow automatically using its built-in dynamic client registration. If the workspace requires a pre-registered OAuth app, you may still need to pair this with the mcp-remote approach in Option A.

Option C: PAT-based (your current approach, simplified)

If OAuth is not a hard requirement for your environment right now, your current PAT approach works. In VS Code mcp.json with a streamable HTTP server you can use:

{
"servers": {
"databricks-sql": {
"type": "http",
"url": "https://<your-workspace-hostname>/api/2.0/mcp/sql",
"headers": {
"Authorization": "Bearer ${input:databricksPat}"
}
},
"inputs": [
{
"id": "databricksPat",
"type": "promptString",
"description": "Databricks Personal Access Token",
"password": true
}
]
}
}

Using an input variable avoids hardcoding the PAT in the file.


STEP 3: VERIFY

Open the GitHub Copilot chat in VS Code (Ctrl+Shift+I or Cmd+Shift+I), and you should see the Databricks MCP tools available. You can test by asking Copilot a question that triggers the SQL tool, such as "List all tables in the main catalog."


WHICH MCP SERVER URL TO USE

The same approach works for any of the managed MCP server endpoints:

- Databricks SQL: /api/2.0/mcp/sql
- Vector Search: /api/2.0/mcp/vector-search/{catalog}/{schema}/{index_name}
- Genie Space: /api/2.0/mcp/genie/{genie_space_id}
- Unity Catalog Functions: /api/2.0/mcp/functions/{catalog}/{schema}/{function_name}

Just swap the URL in the configuration above.


REFERENCES

- Connect clients to MCP servers: https://docs.databricks.com/aws/en/generative-ai/mcp/connect-external-services
- Managed MCP servers overview: https://docs.databricks.com/aws/en/generative-ai/mcp/managed-mcp
- VS Code MCP server configuration: https://code.visualstudio.com/docs/copilot/chat/mcp-servers
- VS Code 1.101 release notes (MCP auth support): https://code.visualstudio.com/updates/v1_101

* This reply used an agent system I built to research and draft this response based on the wide set of documentation I have available and previous memory. I personally review the draft for any obvious issues and for monitoring system reliability and update it when I detect any drift, but there is still a small chance that something is inaccurate, especially if you are experimenting with brand new features.

Announcements