🔗 MCP Integration Patterns

MCP Integration Patterns

Model Context Protocol (MCP) enables agents to call tools in a standardized way. Databricks provides Managed, External, and Custom MCP servers - all governed by Unity Catalog.

📖 Managed MCP 📖 External Services 📖 Custom MCP
↓ Scroll to explore MCP types
Overview

What is MCP?

Model Context Protocol (MCP) is a standard for connecting AI agents to tools and data sources.

Instead of writing custom integrations for each tool, agents use MCP to discover and call tools through a unified interface.

MCP provides: tool discovery, standardized calling conventions, and structured responses.
MCP Types

Three Types of MCP Servers

Databricks supports three MCP server types:

  • Managed MCP - Databricks-hosted (Genie, Vector Search, UC Functions, DBSQL)
  • External MCP - Third-party servers via UC HTTP connections
  • Custom MCP - Your own servers hosted on Databricks Apps

All three are governed by Unity Catalog - permissions enforced, scopes validated.

Managed MCP

Managed MCP Servers

Databricks-hosted MCP servers expose core platform capabilities:

  • Genie - Natural language analytics on structured data
  • Vector Search - Retrieval across unstructured content
  • UC Functions - Deterministic tools registered in Unity Catalog
  • DBSQL - SQL statement execution
No setup required - these are ready to use with UC-enforced permissions.
Managed MCP

URL Patterns

Each managed MCP server has a specific URL pattern:

  • /api/2.0/mcp/genie/{space_id}
  • /api/2.0/mcp/vector-search/{catalog}/{schema}
  • /api/2.0/mcp/functions/{catalog}/{schema}
  • /api/2.0/mcp/sql

Note: Genie requires polling for long-running queries.

External MCP

External MCP Servers

Connect to third-party MCP servers through UC HTTP connections.

UC HTTP connections act as a secure proxy - your agent calls the connection, Databricks forwards to the external server with credentials managed in UC.

  • External tools appear under UC governance
  • Credentials stored in UC secret scopes
  • Access controlled by UC permissions
External MCP

UC HTTP Connection Pattern

Reference external MCP via UC connection:

uc://connections/{connection_name}

The connection stores:

  • External MCP server URL
  • Authentication credentials
  • Headers and configuration
Your agent never sees the external credentials - UC handles the proxy securely.
Custom MCP

Custom MCP Servers

Host your own MCP servers on Databricks Apps.

Use cases:

  • Organization-specific tools
  • Custom data transformations
  • Proprietary business logic
  • Internal API wrappers
Custom MCP servers support OAuth authentication. PAT auth is NOT supported for custom MCP.
Authentication

MCP Authentication

The three agent auth methods apply to MCP:

  • Automatic Passthrough - Declare MCP servers at logging time, system SP handles auth
  • OBO - Agent calls MCP with user's identity via DatabricksMCPClient
  • Manual - Required for custom MCP (OAuth only)

Declare MCP URLs and scopes when logging your agent for verification at deploy time.

Scopes

Required OAuth Scopes

Each MCP server type requires specific scopes:

  • mcp.genie - Genie spaces
  • mcp.functions - UC functions
  • mcp.vectorsearch - Vector Search
  • mcp.sql + sql.warehouses + sql.statement-execution - DBSQL
  • mcp.external - External MCP via UC connections
Minimize scopes - only request what your agent actually needs.
External Clients

Non-Databricks Clients

Connect external AI assistants to Databricks MCP servers:

  • Claude - Via Claude Connectors
  • Cursor/Windsurf - Via mcp-remote
  • ChatGPT - Via Custom Apps
  • MCP Inspector - For testing

Authentication options: OAuth (recommended) or PAT (managed/external only).

External Clients

OAuth Setup for Clients

To connect external clients via OAuth:

  1. Create OAuth app in Account Console
  2. Configure redirect URLs for your client
  3. Set appropriate scopes
  4. Configure client with MCP server URL + OAuth credentials

Example redirect URLs:

  • Claude: https://claude.ai/api/mcp/auth_callback
  • MCP Inspector: http://localhost:6274/oauth/callback
Governance

Unity Catalog Governance

All MCP types are governed by Unity Catalog:

  • Permissions checked before tool execution
  • Scopes validated at deploy time
  • Audit logs for all MCP calls
  • Row filters and column masks apply to data returned
Whether Managed, External, or Custom - UC ensures your agents only access what they're authorized to.
Summary

Key Takeaways

Managed MCP: Ready-to-use Databricks tools (Genie, VS, Functions, SQL).

External MCP: Third-party servers via UC HTTP connections.

Custom MCP: Your servers on Databricks Apps (OAuth only).

All governed by UC - declare dependencies, minimize scopes, permissions enforced.

🤖
Agent
On Model Serving
MCP Protocol Layer
🔮
Genie
Analytics
🔍
Vector Search
Retrieval
⚙️
UC Functions
Tools
📊
DBSQL
Queries
🌐
External MCP
Via UC HTTP Conn
📦
Custom MCP
Databricks Apps
🔗
UC Connection
Secure proxy
🌍
Third-Party Server
External tools
🛡️
Unity Catalog Governance
Permissions, Scopes, Audit, Row Filters, Column Masks
Managed MCP
🤖
Claude
💻
Cursor
💬
ChatGPT
🔧
Inspector

Quick Reference

Managed MCP

Databricks-hosted tools

  • Genie: /api/2.0/mcp/genie/{id}
  • Vector Search: /api/2.0/mcp/vector-search/{cat}/{sch}
  • UC Functions: /api/2.0/mcp/functions/{cat}/{sch}
  • DBSQL: /api/2.0/mcp/sql

Auth: Automatic, OBO, or PAT

External MCP

Third-party servers via UC

  • Pattern: uc://connections/{name}
  • UC HTTP connection as proxy
  • Credentials in UC secret scopes
  • UC governs access

Auth: Automatic, OBO, or PAT

Custom MCP

Your servers on Databricks Apps

  • Host on Databricks Apps
  • Organization-specific tools
  • OAuth authentication required
  • PAT not supported

Auth: OAuth only (Manual)

← Back to Orchestration Hub 📖 Official Docs 📄 Architecture Reference