Use the Application Design Center remote MCP server

This document shows you how to use the Application Design Center remote Model Context Protocol (MCP) server to connect with AI applications including Gemini CLI, ChatGPT, Claude, and custom applications you are developing. The App Design Center remote MCP server lets you design and deploy applications and templates to standardize your Google Cloud infrastructure.

We recommend that you use the App Design Center MCP server and the Gemini Cloud Assist MCP server together to design and deploy applications.

The Application Design Center remote MCP server is enabled when you enable the Application Design Center API.

Model Context Protocol (MCP) standardizes how large language models (LLMs) and AI applications or agents connect to external data sources. MCP servers let you use their tools, resources, and prompts to take actions and get updated data from their backend service.

What's the difference between local and remote MCP servers?

Local MCP servers
Typically run on your local machine and use the standard input and output streams (stdio) for communication between services on the same device.
Remote MCP servers
Run on the service's infrastructure and offer an HTTP endpoint to AI applications for communication between the AI MCP client and the MCP server. For more information about MCP architecture, see MCP architecture.

Google and Google Cloud remote MCP servers

Google and Google Cloud remote MCP servers have the following features and benefits:

  • Simplified, centralized discovery
  • Managed global or regional HTTP endpoints
  • Fine-grained authorization
  • Optional prompt and response security with Model Armor protection
  • Centralized audit logging

For information about other MCP servers and information about security and governance controls available for Google Cloud MCP servers, see Google Cloud MCP servers overview.

Before you begin

Sign in to your Google Cloud account. If you're new to Google Cloud, create an account to evaluate how our products perform in real-world scenarios. New customers also get $300 in free credits to run, test, and deploy workloads.

Install the Google Cloud CLI. After installation, initialize the Google Cloud CLI by running the following command:

gcloud init

If you're using an external identity provider (IdP), you must first sign in to the gcloud CLI with your federated identity.

Enable the API

Enable the App Design Center service in your project:

gcloud services enable designcenter.googleapis.com \
    --project=PROJECT_ID

Replace PROJECT_ID with your Google Cloud project ID.

Required roles

To get the permissions that you need to use the App Design Center MCP server, ask your administrator to grant you the following IAM roles on the project where you want to use the App Design Center MCP server:

For more information about granting roles, see Manage access to projects, folders, and organizations.

These predefined roles contain the permissions required to use the App Design Center MCP server. To see the exact permissions that are required, expand the Required permissions section:

Required permissions

The following permissions are required to use the App Design Center MCP server:

  • Make MCP tool calls: mcp.tools.call

You might also be able to get these permissions with custom roles or other predefined roles.

Authentication and authorization

The Application Design Center remote MCP server uses the OAuth 2.0 protocol with Identity and Access Management (IAM) for authentication and authorization. All Google Cloud identities are supported for authentication to MCP servers.

App Design Center does not support API keys as an authentication method.

We recommend that you create a separate identity for agents that are using MCP tools so that access to resources can be controlled and monitored. For more information about authentication, see Authenticate to MCP servers.

App Design Center MCP OAuth scopes

OAuth 2.0 uses scopes and credentials to determine if an authenticated principal is authorized to take a specific action on a resource. For more information about OAuth 2.0 scopes at Google, read Using OAuth 2.0 to access Google APIs.

App Design Center has the following MCP tool OAuth scope:

| Scope URI for gcloud CLI | Description |
| --- | --- |
| https://www.googleapis.com/auth/cloud-platform | View and manage App Design Center resources. |

Configure an MCP client to use the App Design Center MCP server

AI applications and agents, such as Claude or Gemini CLI, can instantiate an MCP client that connects to a single MCP server. An AI application can have multiple clients that connect to different MCP servers. To connect to a remote MCP server, the MCP client must know the remote MCP server's URL.

In your AI application, connect to a remote MCP server. You are prompted to enter details about the server, such as its name and URL.

For the App Design Center MCP server, enter the following as required:

| Configuration property | Value |
| --- | --- |
| Server name | application_design_center |
| Server URL or Endpoint | https://designcenter.googleapis.com/mcp |
| Transport | HTTP |
| Authentication details | Depending on how you want to authenticate, you can enter your Google Cloud credentials, your OAuth Client ID and secret, or an agent identity and credentials. For more information about authentication, see Authenticate to MCP servers. |
| OAuth scope | The OAuth 2.0 scope that you want to use when connecting to the App Design Center MCP server. |

For host-specific guidance about setting up and connecting to an MCP server, see the following:

For more general guidance, see the following resources:

List available tools

Use the MCP inspector to list tools, or send a tools/list HTTP request directly to the App Design Center remote MCP server. The tools/list method doesn't require authentication.

POST /mcp HTTP/1.1
Host: designcenter.googleapis.com
Content-Type: application/json

{
  "jsonrpc": "2.0",
  "id": 1,
  "method": "tools/list"
}

Example use cases

Use the App Design Center MCP server together with the Gemini Cloud Assist MCP server to help you design and deploy your Google Cloud infrastructure. Use these MCP servers together to accomplish the following goals:

  • Generate infrastructure design based on goals: describe the Google Cloud services you need and the goal you want to achieve.

    User prompt: Help me set up a web application using Cloud Run, Cloud SQL, and Cloud Load Balancing in the eu-west-2 region.

    Agent action: the agents generate an architecture design that fits your goal using the Google Cloud services you want.

  • Generate infrastructure design based on existing application code: provide your application's source code to get an optimal design.

    User prompt: Design the cloud architecture for my Python application located in this repository: YOUR_APP_REPO_URL.

    Agent action: the agents analyze your application code and generate a proposal for an optimal architecture design.

  • Iteratively refine your infrastructure design: start with a baseline architecture and make incremental changes.

    User prompt: For the Cloud Storage bucket in my design, set a retention policy to delete objects after 90 days.

    Agent action: the agents can adjust your architecture design to update component configurations, add new resources, and make new connections.

  • Analyze infrastructure against security and design best practices: assess your proposed architecture against established frameworks, such as security frameworks defined by an administrator in Security Command Center.

    User prompt: Assess the infrastructure design against best practices.

    Agent action: the agents assess the design against best practices to identify potential problems.

  • Remediate identified security findings: fix problems identified in the security analysis.

    User prompt: Fix the security violations you identified to align with my organization's specified frameworks.

    Agent action: the agents fix the issues identified during the security assessment.

  • Deploy the generated infrastructure and application to Google Cloud: when you're satisfied with your design, deploy your application.

    User prompt: Deploy the current application design.

    Agent action: the agents deploy your infrastructure design and application code to Google Cloud using App Design Center.

  • Diagnose and remediate deployment failures: if the deployment fails, get troubleshooting support.

    User prompt: Troubleshoot the deployment failure.

    Agent action: the agents analyze the error logs, identify the root cause, and provide suggestions to resolve issues like permission and configuration errors.

Optional security and safety configurations

MCP introduces new security risks and considerations due to the wide variety of actions that you can do with the MCP tools. To minimize and manage these risks, Google Cloud offers default settings and customizable policies to control the use of MCP tools in your Google Cloud organization or project.

For more information about MCP security and governance, see AI security and safety.

Use Model Armor

Model Armor is a Google Cloud service that's designed to enhance the security and safety of your AI applications. It works by proactively screening LLM prompts and responses, protecting against various risks and supporting responsible AI practices. Whether you deploy AI in your cloud environment, or on external cloud providers, Model Armor can help you prevent malicious input, verify content safety, protect sensitive data, maintain compliance, and enforce your AI safety and security policies consistently across your diverse AI landscape.

Model Armor is only available in specific regional locations. If Model Armor is enabled for a project, and a call to that project comes from an unsupported region, Model Armor makes a cross-regional call. For more information, see Model Armor locations.

Enable Model Armor

You must enable Model Armor APIs before you can use Model Armor.

Console

  1. Enable the Model Armor API.

    Roles required to enable APIs

    To enable APIs, you need the Service Usage Admin IAM role (roles/serviceusage.serviceUsageAdmin), which contains the serviceusage.services.enable permission. Learn how to grant roles.

  2. Select the project where you want to activate Model Armor.

gcloud

Before you begin, follow these steps using the Google Cloud CLI with the Model Armor API:

  1. In the Google Cloud console, activate Cloud Shell.

    At the bottom of the Google Cloud console, a Cloud Shell session starts and displays a command-line prompt. Cloud Shell is a shell environment with the Google Cloud CLI already installed and with values already set for your current project. It can take a few seconds for the session to initialize.

  2. Run the following command to set the API endpoint for the Model Armor service.

    gcloud config set api_endpoint_overrides/modelarmor "https://modelarmor.LOCATION.rep.googleapis.com/"

    Replace LOCATION with the region where you want to use Model Armor.

Configure protection for Google and Google Cloud remote MCP servers

To help protect your MCP tool calls and responses, you can use Model Armor floor settings. A floor setting defines the minimum security filters that apply across the project. This configuration applies a consistent set of filters to all MCP tool calls and responses within the project.

Set up a Model Armor floor setting with MCP sanitization enabled. For more information, see Configure Model Armor floor settings.

See the following example command:

gcloud model-armor floorsettings update \
  --full-uri='projects/PROJECT_ID/locations/global/floorSetting' \
  --enable-floor-setting-enforcement=TRUE \
  --add-integrated-services=GOOGLE_MCP_SERVER \
  --google-mcp-server-enforcement-type=INSPECT_AND_BLOCK \
  --enable-google-mcp-server-cloud-logging \
  --malicious-uri-filter-settings-enforcement=ENABLED \
  --add-rai-settings-filters='[{"confidenceLevel": "MEDIUM_AND_ABOVE", "filterType": "DANGEROUS"}]'

Replace PROJECT_ID with your Google Cloud project ID.

Note the following settings:

  • INSPECT_AND_BLOCK: The enforcement type that inspects content for the Google MCP server and blocks prompts and responses that match the filters.
  • ENABLED: The setting that enables a filter or enforcement.
  • MEDIUM_AND_ABOVE: The confidence level for the Responsible AI - Dangerous filter settings. You can modify this setting, though lower values might result in more false positives. For more information, see Model Armor confidence levels.

Disable scanning MCP traffic with Model Armor

To stop Model Armor from automatically scanning traffic to and from Google MCP servers based on the project's floor settings, run the following command:

gcloud model-armor floorsettings update \
  --full-uri='projects/PROJECT_ID/locations/global/floorSetting' \
  --remove-integrated-services=GOOGLE_MCP_SERVER

Replace PROJECT_ID with the Google Cloud project ID. After you run this command, Model Armor doesn't automatically apply the rules defined in this project's floor settings to any Google MCP server traffic.

Model Armor floor settings and general configuration can impact more than just MCP. Because Model Armor integrates with services like Agent Platform, any changes you make to floor settings can affect traffic scanning and safety behaviors across all integrated services, not just MCP.

Control MCP use with IAM deny policies

Identity and Access Management (IAM) deny policies help you secure Google Cloud remote MCP servers. Configure these policies to block unwanted MCP tool access.

For example, you can deny or allow access based on:

  • The principal
  • Tool properties like read-only
  • The application's OAuth client ID

For more information, see Control MCP use with Identity and Access Management.
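
The tools/list request from "List available tools" and the read-only tool property listed above can be combined into a tool inventory for access review before you write a deny policy. The following Python is an added example, not code from this documentation: the helper names are hypothetical, the sample response and its tool names are constructed, and it assumes the MCP specification's readOnlyHint tool annotation as the read-only signal.

```python
import json

def tools_list_request(request_id=1, cursor=None):
    """Build a tools/list JSON-RPC 2.0 request body (an id is needed to get a reply)."""
    body = {"jsonrpc": "2.0", "id": request_id, "method": "tools/list"}
    if cursor:
        body["params"] = {"cursor": cursor}  # pagination token from a previous page
    return json.dumps(body)

def triage_tools(response_text):
    """Split the tools in a tools/list response into read-only and mutating.

    Only an explicit annotations.readOnlyHint == true counts as read-only.
    A missing annotation is treated as mutating, which matches the MCP
    default of readOnlyHint=false and fails closed for access review.
    """
    msg = json.loads(response_text)
    if "error" in msg:
        err = msg["error"]
        raise RuntimeError(f"tools/list failed: {err.get('code')} {err.get('message')}")
    result = msg.get("result", {})
    read_only, mutating = [], []
    for tool in result.get("tools", []):
        hints = tool.get("annotations") or {}
        bucket = read_only if hints.get("readOnlyHint") is True else mutating
        bucket.append(tool["name"])
    return {
        "read_only": sorted(read_only),
        "mutating": sorted(mutating),
        "next_cursor": result.get("nextCursor"),  # not None: fetch the next page
    }

# Constructed sample response (inputSchema omitted for brevity). The tool names
# are hypothetical, not the actual tools of the App Design Center MCP server.
SAMPLE_RESPONSE = json.dumps({
    "jsonrpc": "2.0", "id": 1,
    "result": {
        "tools": [
            {"name": "list_templates", "annotations": {"readOnlyHint": True}},
            {"name": "deploy_application",
             "annotations": {"readOnlyHint": False, "destructiveHint": True}},
            {"name": "update_component"},  # no annotations at all
        ],
        "nextCursor": "page-2",
    },
})

if __name__ == "__main__":
    print(tools_list_request())
    print(triage_tools(SAMPLE_RESPONSE))
```

Tool annotations are hints supplied by the server, so treat the resulting split as input to a review rather than as an enforcement decision.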
