Azure MCP gives your Codex agent a direct way to inspect Azure resources, query services, and answer Azure operations questions from your local development workflow.
The setup is simple. Microsoft provides the Azure MCP Server, Codex provides MCP client support, and your Azure identity controls what the agent is allowed to see or change.
Prerequisites
- Codex CLI installed
- Active ChatGPT plan or Codex access
- Azure subscription access
- Azure CLI installed
- Node.js LTS installed
- Microsoft Entra ID account with Azure RBAC permissions
- Basic terminal and Azure knowledge
What is Azure MCP Server?
Azure MCP Server is a Microsoft MCP server that lets compatible AI clients interact with Azure services. Instead of switching between the Azure portal, Azure CLI, and documentation, the agent calls Azure MCP tools to retrieve Azure context.
Azure MCP Server supports many Azure areas, including:
- Subscriptions and resource groups
- Azure Storage
- Azure Key Vault
- Azure App Service
- Azure Monitor
- Azure SQL
- Azure Policy
- Azure RBAC
- Azure pricing and quotas
Azure MCP Server does not bypass Azure security. The server uses your Azure credentials or a managed identity, then Azure RBAC decides what the operation can access.
Microsoft does not currently publish a dedicated “Codex” quickstart in the Azure MCP Server documentation as of May 14, 2026. The connection still works because Azure MCP Server supports local STDIO (Standard Input/Output) transport, and Codex supports STDIO MCP servers through config.toml.
What does Codex add?
Codex acts as the MCP client. After the Azure MCP Server is configured, you can chat with Azure MCP and give instructions using natural language. That connection lets Codex answer prompts such as:
- Show my Azure subscriptions.
- List resource groups in the selected subscription.
- Check App Service settings for a web app.
- Query Azure Monitor logs for recent errors.
- Review Azure resources before changing infrastructure code.
You can even give a complete deployment instruction, such as:
Create xyz resources in this resource group, and set the tag…etc
Keep the first setup read-only. Read-only mode gives Codex useful Azure context without allowing write operations.
Installing the Required Tools
The local setup uses Node.js because Microsoft publishes the Azure MCP Server as an NPM package named @azure/mcp. Start by installing the following components in order:
- Node.js
- The Codex client. After installing Node.js, run the following command:
npm install -g @openai/codex
- And lastly, the Azure CLI.
Once all are installed, run the following commands to confirm the installation:
codex --version
node --version
az version
If all is OK, each command returns its version information.
codex --version confirms that Codex is installed. node --version confirms that the NPM-based Azure MCP package can run. az version confirms that Azure CLI is available for authentication.
If you get errors, don't waste your time: ask the Codex agent to fix them for you. It will.
Installing the Azure MCP
The command below installs the Azure MCP Server package globally using npm.
npm install -g @azure/mcp
Signing in to Azure
Azure MCP Server needs Azure credentials before Codex can retrieve Azure resources. For a local developer setup, Azure CLI authentication is the most straightforward path.
The commands below sign in to Azure, list subscriptions, and set the active subscription used by Azure MCP Server. Type these commands in a regular cmd, Terminal, or PowerShell window. The MCP server will pick up the authentication context and perform the actions.
az login
az account list --output table
az account set --subscription "00000000-0000-0000-0000-000000000000"
az login opens the Azure sign-in flow. az account list shows the subscriptions available to the signed-in account. az account set chooses the subscription that Azure MCP Server uses by default.
What permissions are required?
The signed-in account needs Azure RBAC permissions on the target resources. For example, reading storage data requires a storage data role, and reading Key Vault secrets requires Key Vault permissions.
Start with the least privilege that supports the task. For discovery and inventory prompts, Reader access at subscription or resource group scope is usually enough.
Adding Azure MCP to Codex
Codex stores the MCP server settings in config.toml. The default global file is under the user profile.
On Windows, the global Codex config path is:
C:\Users\<UserName>\.codex\config.toml
The PowerShell snippet below creates the Codex config folder if the folder does not already exist, then opens the config file in Notepad. If the file already exists, it just opens the file for editing.
# Build the path to the per-user Codex config file
$CodexConfigFolder = Join-Path -Path $env:USERPROFILE -ChildPath ".codex"
$CodexConfigFile = Join-Path -Path $CodexConfigFolder -ChildPath "config.toml"
if (Test-Path -Path $CodexConfigFile -PathType Leaf) {
    # The file is already there: open it for editing
    Write-Host "The Codex config file already exists: $CodexConfigFile"
    notepad $CodexConfigFile
}
else {
    # -Force lets folder creation succeed even if .codex already exists
    New-Item -Path $CodexConfigFolder -ItemType Directory -Force
    New-Item -Path $CodexConfigFile -ItemType File
    notepad $CodexConfigFile
}
How do you configure Azure MCP in config.toml?
The TOML configuration below tells Codex to start Azure MCP Server with npx. The Azure MCP Server runs as a local STDIO process, which is the default transport for local MCP use.
In most cases, you can add that block to the end of the config.toml file.
[mcp_servers.azure-mcp]
command = "npx"
args = ["-y", "@azure/mcp@latest", "server", "start"]
startup_timeout_sec = 30
tool_timeout_sec = 120
This creates a new MCP server entry named azure-mcp.
A few things to watch for:
- Add it only once. Do not duplicate another [mcp_servers.azure-mcp] section.
- Make sure the file is saved as config.toml, not config.toml.txt.
- If the file already has other MCP servers, this block can still go at the end.
- After saving, restart Codex so it reloads the MCP configuration.
command tells Codex which executable starts the MCP server. args passes the Azure MCP package name and server startup command. startup_timeout_sec gives the package more time to download and start on the first run. tool_timeout_sec gives Azure operations more time to complete.
How do you verify Codex sees the server?
The command below lists the MCP servers configured for Codex.
codex mcp list

The output should include azure-mcp. If the server does not appear, close and reopen Codex after saving config.toml.
Also, in the Codex desktop app, if you type /mcp you should see azure-mcp.

Using a Read-Only Azure MCP Setup
Start with read-only mode. Read-only mode allows useful discovery prompts while blocking write operations.
The TOML configuration below starts Azure MCP Server with the --read-only option.
[mcp_servers.azure-mcp]
command = "npx"
args = ["-y", "@azure/mcp@latest", "server", "start", "--read-only"]
startup_timeout_sec = 30
tool_timeout_sec = 120
The --read-only option prevents write operations from running through the Azure MCP Server. That option is a good default for learning, auditing, and resource discovery.
How do you expose only one Azure namespace?
To expose only one Azure namespace, use the --namespace option when starting the Azure MCP Server. A namespace is a group of Azure MCP tools for a specific Azure service or area. For example, --namespace subscription exposes subscription-related tools, while --namespace keyvault exposes Azure Key Vault-related tools. This keeps the MCP server focused only on the Azure tools you need instead of enabling tools for all supported services.
[mcp_servers.azure-mcp]
command = "npx"
args = ["-y", "@azure/mcp@latest", "server", "start", "--read-only", "--namespace", "subscription"]
startup_timeout_sec = 30
tool_timeout_sec = 120
What prompt should you run first?
Start with a read-only subscription prompt. The prompt below asks Codex to use Azure MCP without changing resources.
Use the azure-mcp tools to list my Azure subscriptions. Do not make any changes

That prompt confirms the connection, authentication, and RBAC path. If subscription listing works, move to resource group discovery.
How do you test resource group access?
The prompt below asks Codex to retrieve resource groups from the active subscription.
Use azure-mcp to list resource groups in my active Azure subscription. Return the name and location only
The prompt stays read-only and asks for a compact result. Compact prompts help avoid noisy output while testing.

Performing Full Deployment using Codex and Azure MCP
Here is an example of a full deployment for a Resource Group and a Key Vault.
The prompt below is low quality and is for testing only. Tune your prompt and set guardrails.
UserPrompt: Using azure-mcp create a new resource group named “AI-Codex” set the tags as “Tag1=Value1”, then create a Keyvault inside this RG and name it “AI-Keyvault” set the tag to be “TagKV=Secret” All the deployment should be in the UAE North region
AI Response: Created the resource group:
AI-Codex
Location: uaenorth
Tags: Tag1=Value1
The Key Vault was not created because AI-Keyvault is already globally taken in Azure:VaultAlreadyExists: The vault name ‘AI-Keyvault’ is already in use.
The new resource group currently has no resources inside it. Choose a globally unique Key Vault name, and I can create it in AI-Codex with TagKV=Secret.
UserPrompt: recreate the key vault and keep trying by changing the name, but always keep “AI-Keyvayult-xxx” modify the xxx till you successfully deploy
AI Response: Created the Key Vault successfully. Name: AI-Keyvayult-001
Resource group: AI-Codex
Location: uaenorth
Tag: TagKV=Secret
Vault URI: https://ai-keyvayult-001.vault.azure.net/

Securing Azure MCP Access
Azure MCP Server gives Codex useful Azure context, so treat the setup like an administrative tool. The server does not replace RBAC, approvals, or change control.
What security settings matter most?
Use these defaults for local admin work:
- Use --read-only for discovery and troubleshooting.
- Use least-privilege Azure RBAC roles.
- Avoid broad Owner or Contributor access for normal prompts.
- Keep Azure MCP local unless a remote server is required.
- Do not disable user confirmation for sensitive data.
- Do not ask Codex to retrieve secrets unless the task explicitly requires that access.
Microsoft documents a confirmation mechanism for sensitive data operations. Keep that protection enabled.
FAQ: Fixing Common Azure MCP and Codex Errors
Most setup problems come from missing Node.js, missing Azure sign-in, a wrong config path, or not enough Azure RBAC permissions.
What causes the "npx not recognized" error?
npx comes with Node.js. Install Node.js LTS, close the terminal, open a new terminal, and run the version checks again.
The commands below confirm Node.js and NPX are available.
node --version
npx --version
Both commands should return a version number. If either command fails, fix the Node.js installation before troubleshooting Codex.
How do you fix Azure authentication failures?
Run the Azure CLI sign-in and subscription commands again.
az login
az account show --output table
az account set --subscription "00000000-0000-0000-0000-000000000000"
az account show confirms the active tenant and subscription. A wrong subscription context is a common reason Azure MCP returns empty or unexpected results.
Why does Codex not show azure-mcp?
Check the config path, TOML formatting, and Codex restart.
The command codex mcp list asks Codex to list configured MCP servers.
If azure-mcp is missing, confirm the server entry exists under [mcp_servers.azure-mcp] in the correct config.toml file. Restart Codex after saving the file.
Why does the first run take longer?
The first npx run downloads the Azure MCP package and resolves platform-specific files. Later runs usually start faster because the package is cached.
For slower networks, keep startup_timeout_sec = 30 or increase the value to 60.
Checking Official References
Use these official references when updating the setup:
- Microsoft Learn Azure MCP Server overview: https://learn.microsoft.com/en-us/azure/developer/azure-mcp-server/overview
- Microsoft Learn Azure MCP Server getting started: https://learn.microsoft.com/en-us/azure/developer/azure-mcp-server/get-started
- Microsoft Learn Azure MCP Server tools: https://learn.microsoft.com/en-us/azure/developer/azure-mcp-server/tools/
- Microsoft Azure MCP Server GitHub repository: https://github.com/microsoft/mcp/tree/main/servers/Azure.Mcp.Server
- Microsoft Azure MCP authentication guide: https://github.com/microsoft/mcp/blob/main/docs/Authentication.md
- OpenAI Codex MCP documentation: https://developers.openai.com/codex/mcp
Azure MCP with Codex is a practical setup for Azure administrators and developers who want cloud context inside an agent workflow. Start with a read-only configuration, confirm Azure CLI authentication, verify the MCP server in Codex, and expand the exposed Azure namespaces only after the basic connection works.