feat: Add user-assigned managed identity picker to MCP client

[wgrooversoftie]

…entity auth

Commit Type

• feature - New functionality
• fix - Bug fix
• refactor - Code restructuring without behavior change
• perf - Performance improvement
• docs - Documentation update
• test - Test-related changes
• chore - Maintenance/tooling

Risk Level

• Low - Minor changes, limited scope
• Medium - Moderate changes, some user impact
• High - Major changes, significant user/system impact

What & Why

Adds a user-assigned managed identity picker to the MCP client connector's Managed Service Identity authentication option. Previously, selecting "Managed identity" auth for an MCP server connection only used system-assigned MI with no UI to choose a specific identity. This change adds the same identity selection dropdown used by HTTP and other connectors, enabling users to select a user-assigned managed identity.

Also fixes a pre-existing bug in the Standalone test harness where getDataForConsumption() was stripping the identity field from the ARM response, causing the identity picker to show "No identities available" for consumption workflows. The portal extension does not have this bug.

Impact of Change

• Users: When creating an MCP server connection with Managed Identity auth, users now see a dropdown to choose between system-assigned and any user-assigned managed identities configured on the Logic App. Applies to both Standard and Consumption SKUs.
• Developers: No API changes. The identity parameter is added to the existing connectionParameterSets in the MCP connector manifests.
• System: No performance or architectural impact. Manifest-only data change plus a Standalone harness fix.

Test Plan

• Unit tests added/updated
• E2E tests added/updated
• Manual testing completed
• Tested in:
  Standard Logic App (live Azure) — both system-assigned and user-assigned MI visible
  Consumption Logic App (live Azure) — both system-assigned and user-assigned MI visible
  E2E: successfully created MCP connection with user-assigned MI against OAuth-protected MCP server (DivyaMCPApp)

Contributors

None

Screenshots/Videos

[github-actions]

🤖 AI PR Validation Report

PR Review Results

Thank you for your submission! Here's detailed feedback on your PR title and body compliance:

✅ PR Title

• Current: feat: Add user-assigned managed identity picker to MCP client
• Issue: None — title is clear, follows conventional-commit style and accurately reflects the change.
• Recommendation: (Optional) If you want to be even more specific, you can include the scope "MCP client connector/manifest" (e.g., feat(mcpclient): add user-assigned managed identity picker) but this is not required.

---

✅ Commit Type

• Properly selected (feature).
• Note: Only one commit type is selected which is correct for this change.

---

✅ Risk Level

• The PR body marks the change as Low, and the repo labels include risk:low. This matches the scope and nature of the manifest + harness fix changes in the diff.

---

✅ What & Why

• Current: Adds a user-assigned managed identity picker to the MCP client connector (ManagedServiceIdentity auth) and fixes a Standalone harness bug that stripped the identity field for consumption.
• Issue: None — explanation is clear and concise.
• Recommendation: Good as-is. If desired, add a one-line note referencing the specific manifest file(s) changed (e.g., path to mcpclientconnector manifest) to make the mapping even more explicit.

---

✅ Impact of Change

• The Impact section is present and appropriate.
• Recommendation: Good. If you want to be extra explicit, call out that manifests were updated for both Standard and Consumption connector manifests and list the files changed (optional).
  • Users: Users creating MCP server connections with Managed Identity will see the identity dropdown and can choose user-assigned MI.
  • Developers: No API changes; manifest-only parameter addition and some connection handling updates.
  • System: No performance/architectural impact; small manifest/data + harness fix.

---

✅ Test Plan

• Unit tests were claimed and are present in the diff (new/updated tests for both Standard and Consumption flows). Manual testing notes and an E2E validation mention are included in the body.
• Assessment: Good — unit tests added/updated as claimed. E2E tests were not added (not required), and the manual/E2E validation notes in the body are acceptable.

---

⚠️ Contributors

• Current: None
• Assessment: This field is optional. If others (PMs, designers, reviewers) contributed, consider adding them to give appropriate credit. No blocking requirement.

---

✅ Screenshots/Videos

• Screenshots are included and appear to demonstrate the identity picker UI.
• Assessment: Good — visuals included for a UI change.

---

Summary Table

Section	Status	Recommendation
Title	✅	Optional: add scope in commit prefix if desired
Commit Type	✅	No changes needed
Risk Level	✅	Matches labels and change scope
What & Why	✅	No changes needed
Impact of Change	✅	Optional: list exact files changed
Test Plan	✅	Unit tests present; E2E optional
Contributors	⚠️	Add contributors if others were involved
Screenshots/Videos	✅	No changes needed

---

Final message:
All required PR body sections are present and consistent with the code diff. Labels include risk:low, which matches my advised risk level of Low. Unit tests referenced in the PR are present in the changeset. No blocking issues found in the PR title or body — this is ready from a PR-title/body perspective.

Optional suggestions to improve clarity before merge:

• (Optional) Tweak the title to include a scope token (e.g., feat(mcpclient): ...) if you want stricter conventional commit scoping.
• (Optional) Add a short bullet in Impact or What & Why listing the specific manifest files changed (for easier reviewer reference).
• (Optional) If others contributed (PMs/designers/reviewers), list them in Contributors to give credit.

Please update only if you want to incorporate the optional clarifications above. Otherwise, this PR passes the PR title/body checklist. Thank you!

---

Last updated: Mon, 30 Mar 2026 19:55:00 GMT

[Copilot]

Pull request overview

Adds user-assigned managed identity selection support for MCP client managed identity authentication, and updates the Standalone (Consumption) harness to surface workflow identity so the identity picker can populate correctly.

Changes:

• Adds an identity parameter using the identitypicker editor to MCP client connector manifests (Standard + Consumption).
• Updates Standalone Consumption designer/template services to return the app’s managed identity from the workflow-and-artifacts ARM response.
• Minor import re-organization in the Standalone templates consumption entry.

Reviewed changes

Copilot reviewed 5 out of 5 changed files in this pull request and generated 3 comments.

Show a summary per file

File	Description
libs/logic-apps-shared/src/designer-client-services/lib/standard/manifest/mcpclientconnector.ts	Adds identity connection parameter to the MCP client ManagedServiceIdentity parameter set (Standard manifest).
libs/logic-apps-shared/src/designer-client-services/lib/consumption/manifests/mcpclientconnector.ts	Adds identity connection parameter to the MCP client ManagedServiceIdentity parameter set (Consumption manifest).
apps/Standalone/src/templates/app/TemplatesConsumption.tsx	Attempts to switch Consumption template harness identity source to the ARM workflow-and-artifacts response.
apps/Standalone/src/designer/app/AzureLogicAppsDesigner/laDesignerConsumptionV2.tsx	Switches Consumption designer service identity source to workflowAndArtifactsData.identity.
apps/Standalone/src/designer/app/AzureLogicAppsDesigner/laDesignerConsumption.tsx	Switches Consumption designer service identity source to workflowAndArtifactsData.identity.