ms-graph-mcp
Verified Safeby keelinglogic
Overview
A Model Context Protocol (MCP) server providing Claude Code with full access to Microsoft 365 services via the Microsoft Graph API, covering email, calendar, contacts, To Do, Planner, and Groups.
Installation
cd deployment/hermes && docker compose up -dEnvironment Variables
- CLIENT_ID
- TENANT_ID
- SCOPES
- ATHENA_DATA_DIR
- ALLOW_UNENCRYPTED_CACHE
- HOME
- PIP_CACHE_DIR
- PATH
Security Notes
The server demonstrates strong security practices: `CLIENT_ID` and `TENANT_ID` are loaded from environment variables, avoiding hardcoded secrets. OAuth tokens are persistently stored in a Docker volume (`m365-mcp-data`) with restrictive `0o700` (`TOKEN_CACHE_DIR`) and `0o600` (`TOKEN_CACHE_FILE`) file permissions. Attachment downloads implement path sanitization (`Path(att_name).name`) to prevent directory traversal vulnerabilities. Network exposure is designed to be behind a VPN (WireGuard recommended), enhancing security. No `eval` or `exec` with unvalidated user input were found. The server relies on `mcp-proxy` for HTTP exposure, which wraps the standard I/O communication.
Similar Servers
ms-365-mcp-server
Interacting with Microsoft 365 and Office services through the Graph API via a Model Context Protocol (MCP) server.
pinax-mcp
Connects MCP-compatible clients (e.g., Claude Desktop) to remote MCP servers, specifically The Graph Token API, by acting as a bridge between stdio and HTTP/SSE transports.
microsoft_graph_mcp_server
Integrate AI assistants with Microsoft 365 services, including email, calendar, contacts, files, and Teams, via the Microsoft Graph API.
microsoft-mcp
A comprehensive AI assistant toolkit for managing Microsoft 365 services including Outlook emails, Calendar events, OneDrive files, and Contacts.