Connect to remote MCP safely You authorize remote MCP with OAuth, client credentials, or enterprise policy while keeping application identity separate. URL validation and SSRF protections stay enabled. java academy academy/topics/mcp-auth-security website/content-src/academy/course.mjs academy Connect to remote MCP safely
Unit 9 · Connect to external tools and data

Connect to remote MCP safely

You authorize remote MCP with OAuth, client credentials, or enterprise policy while keeping application identity separate. URL validation and SSRF protections stay enabled.

10 focused minutesNot started
Unit example (nearest native match)

See the idea in context

AxMCPClient mcp = new AxMCPClient(new AxMCPStreamableHTTPTransport(endpoint), Map.of("namespace", "inventory"));
      AxMCPClient.CatalogSnapshot catalog = mcp.inspectCatalog();
AxGen program = new AxGen(Ax.s("request:string -> answer:string"), Map.of("mcp", mcp));
      mcp.close();
Run itIn your own project
// Gradle (build.gradle):
implementation 'dev.axllm:ax:22.0.4'
// Maven (pom.xml):
<dependency>
  <groupId>dev.axllm</groupId>
  <artifactId>ax</artifactId>
  <version>22.0.4</version>
</dependency>

import dev.axllm.ax.Ax;

var llm = Ax.ai("openai", Map.of("apiKey", System.getenv("OPENAI_API_KEY")));
var classify = Ax.ax("review:string -> sentiment:class \"positive, negative, neutral\"");

Set OPENAI_APIKEY in your environment before running provider-backed code.

In the ax repo

From a clone of the ax repo:

npm run example -- java src/examples/java/mcp/NativeMCPToolsExample.java
Active practice

Show that you can use it

Answer 2 in a row to learn this · attempt 1
Keep exploring

Source-backed follow-up