outlook-mcp
Verified Safeby XenoXilus
Overview
Enables AI assistants to interact with Microsoft Outlook for email, calendar, and SharePoint operations through the Microsoft Graph API.
Installation
node server/index.jsEnvironment Variables
- AZURE_CLIENT_ID
- AZURE_TENANT_ID
- MCP_OUTLOOK_WORK_DIR
Security Notes
The server employs robust security practices including OAuth 2.0 with PKCE for secure delegated authentication, ensuring no client secrets are stored. Tokens are encrypted and stored locally, leveraging the OS keychain if available, or encrypted file storage as a fallback. Critical configuration values (Client ID, Tenant ID) are explicitly handled via environment variables, preventing hardcoding. Input and output content are actively sanitized using DOMPurify and custom malicious pattern detection to mitigate XSS and other injection vulnerabilities. Furthermore, HTTP connections to the Microsoft Graph API utilize TLSv1.2 with strong ciphers and configured connection pooling, enhancing network security and reliability. There is active validation of file paths to prevent traversal attacks. No instances of 'eval' or obvious obfuscation were found.
Similar Servers
ms-365-mcp-server
Interacting with Microsoft 365 and Office services through the Graph API via a Model Context Protocol (MCP) server.
outlook-mcp-server
AI-powered local email management for Microsoft Outlook, enabling search, composition, organization, and batch forwarding of emails using natural language commands.
gmail-mcp
Manages Gmail emails programmatically, enabling AI systems to read, send, archive, and perform other email operations on behalf of a user.
simply-outlook-mcp
Enables AI assistants to manage Microsoft Outlook calendars and emails via the Microsoft Graph API.