microsoft-graph-mcp-server
Verified Safeby ry-ops
Overview
Manages Microsoft 365 users, licenses, and groups via Microsoft Graph API, enabling automated M365 administration through AI agents.
Installation
uv run mcp_graph_server.pyEnvironment Variables
- MICROSOFT_TENANT_ID
- MICROSOFT_CLIENT_ID
- MICROSOFT_CLIENT_SECRET
Security Notes
The server uses `msal` for authentication and `httpx` for API calls, which are standard and secure libraries. Environment variables are correctly used for storing credentials, preventing hardcoding. Broad Azure AD application permissions (User.ReadWrite.All, Group.ReadWrite.All, Directory.ReadWrite.All) are required, which is a significant privilege and necessitates careful management of the client secret and adherence to the principle of least privilege. The `install.sh` script uses `curl | sh` for `uv` installation, a common but potentially risky practice. Overall, the code itself follows good security practices, but the security of the deployment relies heavily on proper Azure AD configuration and secret management by the user.
Similar Servers
ms-365-mcp-server
Interacting with Microsoft 365 and Office services through the Graph API via a Model Context Protocol (MCP) server.
cli-microsoft365-mcp-server
This MCP server allows users to execute CLI for Microsoft 365 commands using natural language, enabling management of various Microsoft 365 services like SharePoint, Teams, and Power Platform.
pinax-mcp
Connects MCP-compatible clients (e.g., Claude Desktop) to remote MCP servers, specifically The Graph Token API, by acting as a bridge between stdio and HTTP/SSE transports.
azure-devops-mcp
An MCP server that enables Claude to interact with Azure DevOps work items, projects, sprints, and relationships directly through natural language.