74
/ 100
15 days ago
glama

Microsoft 365 MCP Server

A Model Context Protocol (MCP) server for interacting with Microsoft 365 and Microsoft Office services through the Graph API.

Is this your MCP?

Claim it to get a verified publisher badge, a free copy of our full audit findings, and direct contact for any high-priority issues we find.

Install from

M8ven verifies MCPs across every public registry — install directly from whichever one you prefer.

// key findings
9 tools verified — handlers match their declared behaviour
3 read-only tools verified — handlers contain no write/delete/exec
No credential exfiltration, no sensitive file access, no obfuscation
Static analysis found nothing flowing your secrets to unexpected places.
🔐
You'll be asked for 2 credentials: MS365_MCP_CLIENT_SECRET, MS365_MCP_OAUTH_TOKEN
These are read from process.env at runtime. Make sure you trust where they’ll be sent.
// known CVEs in dependencies2 low

Disclosed vulnerabilities in this server's declared npm dependencies (via OSV). Whether each is reachable depends on the installed versions.

lowjs-yaml@4.1.0GHSA-h67p-54hq-rp68

JS-YAML: Quadratic-complexity DoS in merge key handling via repeated aliases

lowjs-yaml@4.1.0GHSA-mh29-5h37-fv8m

js-yaml has prototype pollution in merge (<<)

Depend on this server? Get alerted when its CVEs change.Watch this server free →
// required environment variables
This server reads these from process.env. You'll be asked to provide them before it can run.
configENABLED_TOOLSFilter tools using a regex pattern (alternative to --enabled-tools flag)
configLOG_LEVELSet logging level (default: 'info')
configMS365_MCP_ALLOWED_REDIRECT_URIS
configMS365_MCP_ALLOWED_SCOPES
configMS365_MCP_ALLOW_PAGINATION
configMS365_MCP_ALLOW_UNAUTHENTICATED_DISCOVERY
configMS365_MCP_AUDIT_LOG
configMS365_MCP_BASE_URL
configMS365_MCP_BODY_FORMAThtml: Return email bodies as HTML instead of plain text (default: text)
configMS365_MCP_CLIENT_ID5. Set — replace your-azure-ad-client-id with your Azure Entra app (client) ID. See [Azure AD App Registration](docs/deployment.md#azure-ad-app-registration-for-organizations) for how to create one.
🔐 secretMS365_MCP_CLIENT_SECRETCustom or additional Microsoft Graph API scopes beyond the built-in permission set (configure via MS365_MCP_CLIENT_ID / )
configMS365_MCP_CLOUD_TYPEglobalchina: Microsoft cloud environment (alternative to --cloud flag)
configMS365_MCP_CORS_ORIGIN
configMS365_MCP_EXPECTED_HOME_ACCOUNT_IDCLI values (--expected-username, --expected-home-account-id) take precedence over MS365_MCP_EXPECTED_USERNAME and .
configMS365_MCP_EXPECTED_USERNAMEwork@company.com npx @ideatells-b-v-software/ms-365-mcp-server --login
configMS365_MCP_EXTRA_SCOPES
configMS365_MCP_FORCE_WORK_SCOPEStrue1: Backwards compatibility for MS365_MCP_ORG_MODE
configMS365_MCP_GRAPH_CIRCUIT_DISABLED
configMS365_MCP_KEYVAULT_URLAzure Key Vault URL for secrets management (see Azure Key Vault section)
configMS365_MCP_LOG_DIR
configMS365_MCP_MAX_TOPn>: Hard cap for Graph $top / top on list requests (positive integer). When the model passes a larger value, the server clamps it to n so responses stay smaller. Example: MS365_MCP_MAX_TOP=15
🔐 secretMS365_MCP_OAUTH_TOKENyour_oauth_token npx @ideatells-b-v-software/ms-365-mcp-server
configMS365_MCP_OBO
configMS365_MCP_ORG_MODEtrue1: Enable organization/work mode (alternative to --org-mode flag)
configMS365_MCP_OUTPUT_FORMATtoon npx @ideatells-b-v-software/ms-365-mcp-server
configMS365_MCP_PUBLIC_URL
configMS365_MCP_RATE_LIMIT_DISABLEDtrue1: Disable per-IP rate limiting in HTTP mode (default: enabled — 30 req/min on /authorize, /token, /register; 120 req/min on /mcp)
configMS365_MCP_REDACT_PII
configMS365_MCP_SELECTED_ACCOUNT_PATHExplicit cache paths: Override MS365_MCP_TOKEN_CACHE_PATH and (resolved by getTokenCachePath() / getSelectedAccountPath() in src/token-cache-storage.ts) when the XDG default location is not writable.
configMS365_MCP_TENANT_IDms365-mcp-tenant-id No (defaults to 'common')
configMS365_MCP_TOKEN_CACHE_PATHCustom file path for MSAL token cache (see Token Storage below)
configMS365_MCP_TOKEN_FILEalt or in-memory token valid
configMS365_MCP_TRUST_PROXY_AUTH
configMS365_MCP_TRUST_PROXY_HOPS
configREAD_ONLYtrue1: Alternative to --read-only flag
configSILENTtrue1: Disable console output
configVITEST
configXDG_DATA_HOME
// full audit trail
The full breakdown of what we checked, the deductions that landed, the network hosts, the dependency advisories, and concrete fix guidance is available to verified publishers.
// improvement guidance — verified publishers only
We have 6 concrete improvements we can share with the publisher of this MCP. Each comes with specific guidance to raise the trust score.
// embed badge in your README
[![M8ven Score](https://m8ven.ai/badge/mcp/ideatells-b-v-software-hermes-ms365-mcp-15mn6z)](https://m8ven.ai/mcp/ideatells-b-v-software-hermes-ms365-mcp-15mn6z)
commit: c73c64d0cf30f875d7ccca8195daa3c67b4d7ab7
code hash: dcae296b36c2134b10342cdca439db74f25a2317680e5f1f2219ac76fe1edcc1
verified: 6/26/2026, 9:38:50 AM
view raw JSON →