Create your first Copilot MCP registry for VSCode

[zizyan]

MCP Governance Using Registry & Secure Allowlisting

Modern Copilot + Model Context Protocol (MCP) adoption in enterprises demands strong governance: administrators must ensure only vetted, policy-compliant MCP servers run inside developer IDEs. A centrally curated MCP Registry acts as a trust boundary—developers receive only approved endpoints; shadow or unreviewed servers never surface. By combining the community MCP Registry v0.1 frozen API, dual schema acceptance (current + legacy), controlled validation, and secure HTTPS exposure, organizations achieve:

• Least privilege MCP server availability
• Auditable change control (fork + PR workflow)
• Backwards compatibility while migrating legacy schemas
• Alignment with supply chain & secrets governance policies

This guide walks through building a curated registry, exposing it securely, enforcing it at the GitHub Enterprise / org level, and verifying that VS Code / VS Code Insiders uses a custom registry and only shows allowlisted MCP servers pre-configured from the registry.

---

What We Implemented

1. Added dual schema support schema date tag with 2025-10-17 and 2025-09-29 for smoother interoperability.
2. Curated MCP Servers data/seed.json with 4 example MCP servers:
   • Terraform (io.github.hashicorp/terraform-mcp-server)
   • Elasticsearch (io.github.cr7258/elasticsearch-mcp-server)
   • Atlassian Rovo (com.atlassian/atlassian-mcp-server)
   • Jira (ai.waystation/jira)
3. Enhanced importer to treat both /v0/servers and /v0.1/servers as paginated sources.
4. Validated remote/local seeding using environment variables.

---

Step by Step 1 Clone and Run

Clone / Fork

# Fork or Clone the community registry to build your custom one
# Clone registry locally
git clone https://github.com/modelcontextprotocol/registry.git
cd registry

Confirm Dual Schema Support

1. Open pkg/model/constants.go and verify both schema versions are defined:

// Schema versions
const (
	// CurrentSchemaVersion is the current supported schema version date
	CurrentSchemaVersion = "2025-10-17"
	// CurrentSchemaURL is the full URL to the current schema
	CurrentSchemaURL = "https://static.modelcontextprotocol.io/schemas/" + CurrentSchemaVersion + "/server.schema.json"
	// PreviousSchemaVersion is the previous schema version that's still supported for backwards compatibility
	PreviousSchemaVersion = "2025-09-29"
)

2. Open internal/validators/validators.go and updated schema validation to accept both current and previous versions:

• Changed from only accepting CurrentSchemaVersion to accepting both CurrentSchemaVersion and PreviousSchemaVersion
• Updated error message to indicate both supported schema versions

// Accept both current and previous schema versions for backwards compatibility
if !strings.Contains(serverJSON.Schema, model.CurrentSchemaVersion) &&
		!strings.Contains(serverJSON.Schema, model.PreviousSchemaVersion) {
		return fmt.Errorf("schema version %s is not supported. Please use schema version %s or %s", serverJSON.Schema, model.CurrentSchemaVersion, model.PreviousSchemaVersion)
	}

3. Open /internal/importer/importer.go and extended API endpoint detection to support legacy v0.1 endpoints:

• Added checks for /v0.1/servers endpoints in addition to existing /v0/servers endpoints
• This allows the importer to work with both current (v0) and legacy (v0.1) registry API endpoints

// added the support for both v0 and v0.1
if strings.HasSuffix(path, "/v0/servers") || strings.Contains(path, "/v0/servers") ||
	strings.HasSuffix(path, "/v0.1/servers") || strings.Contains(path, "/v0.1/servers") {
	// This is a registry API endpoint - fetch paginated data
	return fetchFromRegistryAPI(ctx, path)
	}

This dual schema support allows the registry to accept servers using either the frozen v0.1 schema (2025-09-29) or the current schema (2025-10-17).

Review Curated Seed

The data/seed.json file contains four production MCP servers using the legacy schema (2025-09-29) for backwards compatibility:

Run with Docker Compose

make dev-compose

For local testing purpose with changes made, re-run with explicit local seed & validation:

docker compose down -v
MCP_REGISTRY_SEED_FROM=/data/seed.json MCP_REGISTRY_ENABLE_REGISTRY_VALIDATION=true docker compose up -d

Verify Import & Endpoints

API endpoint testing:

curl -s localhost:8080/v0.1/servers?limit=10 | jq

---

Step by Step 2: Secure HTTPS Exposure & Enterprise/Org Configuration

Choose Exposure Method

There are various tools in the market that you can use to expose an internal url like localhost, or if you can host the registry behind your own DNS and a public IP address in a prod like enviroment, that is even better. In my case, I chose ngrok as the tool to expose my docker running on my localhost, so GHE enterprise/org can fetch the url through Internet and communicate to the registry. Below are a few other example tools you can use:

Option A: Ngrok (Static Domain Recommended with ngrok paid plan)

ngrok http 8080
# Produces https://YOUR_SUBDOMAIN.ngrok.app

Option B: Cloudflare Tunnel
Configure a tunnel → route subdomain → localhost:8080

Option C: Tailscale Funnel
Enable Funnel for the host service → acquire HTTPS URL

Test External Reachability using ngrok

curl -I https://YOUR_SUBDOMAIN.ngrok.app/v0.1/servers?limit=1

Configure GitHub Enterprise / Org MCP Registry

1. Navigate to Enterprise / Organization Settings → Copilot → Policies → MCP Registry
2. Add endpoint: https://YOUR_SUBDOMAIN.ngrok.app/v0.1/servers
3. Restrict MCP access to registry servers: Registry Only
4. Save and wait for policy propagation

Verify from Developer IDE

In VS Code Output panel (Window log), look for successful MCP registry fetch.

Manual cross-check:

curl -s 'https://YOUR_SUBDOMAIN.ngrok.app/v0.1/servers?limit=2' | jq '.servers[].server.name'

Fallback test (if Insiders has serialization issue):

curl -s 'https://YOUR_SUBDOMAIN.ngrok.app/v0/servers?limit=2' | jq '.servers[].server.name'

Governance Best Practices

✅ Keep MCP_REGISTRY_ENABLE_REGISTRY_VALIDATION=true in production
✅ Pin Docker image versions (avoid :dev)
✅ Protect tunnel with auth / IP allowlists / SSO
✅ Monitor /metrics endpoint for usage patterns
✅ Use PR approvals for seed.json changes

---

Step by Step 3: IDE Consumption & Allowlisted Filtering

Terminal Output Window View for debugging purpose

You should see the [info] with your matching registry server url configured on GitHub admin console.

Extension Filtering

1. Open VS Code / Insiders Extensions view
2. Search with tag or keyword: mcp
3. Expected result: Only curated servers appear (Terraform, Elasticsearch, Atlassian, Jira)

If extraneous servers appear:

• Verify enterprise enforcement (policy propagation delay)
• Check endpoint filtering (?search= parameter)

Security & Compliance Callouts

Aspect	Implementation
Allowlisting	Central registry prevents unapproved server usage
Backward Compatibility	Dual schema eases migration; remove legacy once ecosystem updated
Validation Discipline	Keeps metadata predictable & enforceable
Auditability	Fork + commit history + PR review = traceable change log
Transport Control	Mix of packages (Docker/PyPI) and remotes (SSE/streamable-http)

---

Quick Command Recap

# Run local with curated seed
docker compose down -v
MCP_REGISTRY_SEED_FROM=/data/seed.json MCP_REGISTRY_ENABLE_REGISTRY_VALIDATION=true docker compose up -d

# Test endpoints
curl -s localhost:8080/v0.1/health | jq .
curl -s 'localhost:8080/v0.1/servers?limit=5' | jq '.servers[].server.name'

# Expose via ngrok and verify
ngrok http 8080 --url https://YOUR_SUBDOMAIN.ngrok.app
curl -s 'https://YOUR_SUBDOMAIN.ngrok.app/v0.1/servers?limit=2' | jq '.servers[].server.name'

---

Repository and other resources

Fork: customer-success-architects/registry
Upstream: modelcontextprotocol/registry

---

Link Category	Link
API Reference: Registry Endpoints and Schemas	https://registry.modelcontextprotocol.io/docs#/
Registry Source & Docs: GitHub Repository Documentation	https://github.com/modelcontextprotocol/registry/tree/main/docs
Changelog Context: VS Code Enforcement Confirmation	https://github.blog/changelog/2025-11-18-internal-mcp-registry-and-allowlist-controls-for-vs-code-stable-in-public-preview/
VSCode	https://code.visualstudio.com/updates/v1_106#_mcp

---

Other Managed Service Solution - Azure API Center

Azure API Center is the managed service ("Easy Path") that accelerates time-to-value by providing built-in governance, validation, and a centralized catalog, thereby reducing infrastructure and design-time work. In contrast, self-hosting offers full control over the registry and deployment but demands greater initial and ongoing effort for infrastructure, security, validation, and change control.

• Centralized Inventory and Discovery: It allows you to create and maintain a complete, centralized inventory of all your organization's APIs, including those under development. This provides the foundation for your "registry," making it easier for developers to find and reuse approved Model Context Protocol (MCP) servers.
• Design-Time Governance: It enables API program managers to govern the API inventory by enforcing conformance to organizational standards. This is the core of the "allow list," allowing you to define custom metadata and set up linting and analysis to ensure only vetted, policy-compliant MCP server definitions are registered.
• Accelerated, Compliant Consumption: It maximizes developer productivity by ensuring they consume APIs in a secure manner consistent with organizational standards, which directly supports the goal of an allowlist by steering developers to approved, governed servers.

https://learn.microsoft.com/azure/api-center/overview

---

[HarvirChima]

Awesome, this is super useful!