d365fo-mcp-server
Provides an MCP server for Dynamics 365 Finance & Operations (D365FO) that pre-indexes X++/AOT metadata (standard + custom/ISV) and exposes it as specialized tools for code navigation and generation (method signatures, CoC extension discovery, security coverage, label search, EDT details, etc.). Supports local mode (command + env) and hosted mode (Azure URL).
Score Breakdown
⚙ Agent Friendliness
🔒 Security
README does not document authentication/authorization controls for the hosted MCP endpoint; local mode relies on environment configuration. Given the tool processes proprietary metadata, deploy with network restrictions, TLS, and least-privilege secrets management. Dependency list includes common libraries but the provided content doesn’t include SCA/CVE or audit details, so hygiene is estimated.
⚡ Reliability
Best When
You have access to your D365FO packages/models locally (or via an Azure-hosted pipeline) and want an agent to generate/navigate X++ accurately against your actual customized metadata.
Avoid When
You cannot supply the required local paths/configuration or cannot reasonably run metadata extraction/indexing; also avoid in environments where shipping/processing proprietary metadata is not allowed.
Use Cases
- • AI-assisted X++ code navigation (IntelliSense-like lookup of classes/tables/methods/EDTs)
- • Reducing compile errors by supplying exact signatures/parameters and correct data model shape
- • Discovering Chain of Command (CoC) wrappers for standard/custom methods
- • Querying security hierarchy coverage (Role → Duty → Privilege → Entry Point)
- • Generating correct D365 XML structures (tables/forms/patterns) without VS string-replacement corruption
- • Local SDLC workflow support (triggering extract/sync/test/best-practice validations behind tools)
Not For
- • Generic web development code completion (not designed for public-language ecosystems)
- • Runtime interaction with production D365 systems (metadata-focused; no evidence of transactional operations)
- • Teams wanting a simple SaaS API with standardized REST/SDK access (MCP-first, with local/VM filesystem dependencies)
Interface
Authentication
README shows Copilot MCP server configuration for both hosted (URL) and local (command+env). No API key/OAuth scheme, auth middleware, or scope model is documented in the provided content, so agent access-control behavior can’t be verified from the given sources.
Pricing
No pricing model for a hosted service is stated; pricing appears to be infrastructure cost guidance for running the server yourself on Azure.
Agent Metadata
Known Gotchas
- ⚠ Local/write-mode MCP usage likely depends on filesystem access to D365FO packages/workspace paths; agents must run on (or be able to reach) machines with these paths available.
- ⚠ Metadata extraction and SQLite index build steps are prerequisites; if the index is stale relative to your codebase/customizations, tool outputs may be outdated.
- ⚠ Write operations may require a Windows-specific C# bridge (mentioned as mandatory on Windows VMs for file create/modify); agent deployments that omit bridge build/runtime may fail.
- ⚠ Security behavior is not verifiable from README excerpt; agents should assume sensitive metadata and limit exposure accordingly.
Alternatives
Full Evaluation Report
Comprehensive deep-dive: security analysis, reliability audit, agent experience review, cost modeling, competitive positioning, and improvement roadmap for d365fo-mcp-server.
AI-powered analysis · PDF + markdown · Delivered within 30 minutes
Package Brief
Quick verdict, integration guide, cost projections, gotchas with workarounds, and alternatives comparison.
Delivered within 10 minutes
Score Monitoring
Get alerted when this package's AF, security, or reliability scores change significantly. Stay ahead of regressions.
Continuous monitoring
Scores are editorial opinions as of 2026-03-30.