{"id":"acuvity-mcp-server-microsoft-graph","name":"mcp-server-microsoft-graph","homepage":"https://hub.docker.com/r/acuvity/mcp-server-microsoft-graph","repo_url":"https://hub.docker.com/r/acuvity/mcp-server-microsoft-graph","category":"automation","subcategories":[],"tags":["mcp","microsoft-graph","microsoft-365","entra-id","productivity-automation","authorization","automation"],"what_it_does":"Provides an MCP server that exposes Microsoft Graph functionality to MCP-capable AI agents, allowing the agent to perform directory/user/mail/workload actions via Graph-backed tools (exact tool surface depends on the repository implementation).","use_cases":["Let an AI agent read and act on Microsoft 365/Entra ID data (users, groups, directory objects) via an MCP tool interface","Automate operational workflows that require Graph API calls (provisioning, audits, basic account management)","Build agent-driven helpdesk and IT automation tasks leveraging Microsoft Graph as the system of record"],"not_for":["High-risk actions without human approval (e.g., bulk user changes, destructive operations)","Workloads that require complex authorization review and tight change controls unless the agent is constrained","Environments where Microsoft Graph access cannot be provisioned securely (no required app registrations/consent)"],"best_when":"You want to integrate Microsoft Graph into an agent workflow using MCP tools, and you can safely scope Graph permissions and implement guardrails.","avoid_when":"You cannot confidently scope/limit Graph permissions or you need deterministic, strongly validated outputs from the Graph layer without retries/verification.","alternatives":["Direct Microsoft Graph API integration in your app (REST with MSAL)","Using existing Microsoft Graph connectors/automation tools (e.g., Logic Apps, Power Automate)","Other MCP servers/connectors for Microsoft services (if available)"],"af_score":44.0,"security_score":64.2,"reliability_score":10.0,"package_type":"mcp_server","discovery_source":["docker_mcp"],"priority":"low","status":"evaluated","version_evaluated":null,"last_evaluated":"2026-04-04T21:34:53.194889+00:00","interface":{"has_rest_api":false,"has_graphql":false,"has_grpc":false,"has_mcp_server":true,"mcp_server_url":null,"has_sdk":false,"sdk_languages":[],"openapi_spec_url":null,"webhooks":false},"auth":{"methods":["Microsoft identity platform via Azure AD app registration (typical for Graph): client credentials or delegated auth (implementation-dependent)","Access token obtained through MSAL/Entra ID flows (implementation-dependent)"],"oauth":true,"scopes":true,"notes":"Auth is expected to use Microsoft identity platform/Graph permissions; scope granularity depends on the app registration permissions configured for the server."},"pricing":{"model":null,"free_tier_exists":false,"free_tier_limits":null,"paid_tiers":[],"requires_credit_card":false,"estimated_workload_costs":null,"notes":"MCP server itself is likely self-hosted/open-source; Microsoft Graph calls may incur platform costs depending on tenant and usage (not stated here)."},"requirements":{"requires_signup":false,"requires_credit_card":false,"domain_verification":false,"data_residency":[],"compliance":[],"min_contract":null},"agent_readiness":{"af_score":44.0,"security_score":64.2,"reliability_score":10.0,"mcp_server_quality":60.0,"documentation_accuracy":50.0,"error_message_quality":0.0,"error_message_notes":null,"auth_complexity":35.0,"rate_limit_clarity":30.0,"tls_enforcement":90.0,"auth_strength":70.0,"scope_granularity":60.0,"dependency_hygiene":45.0,"secret_handling":50.0,"security_notes":"Security posture is largely determined by how the MCP server handles OAuth token acquisition/storage, least-privilege Graph scopes, and whether secrets are kept out of logs. Microsoft Graph API access should be constrained with minimal permissions and the agent should be prevented from performing privileged/bulk destructive actions without approval.","uptime_documented":0.0,"version_stability":0.0,"breaking_changes_history":0.0,"error_recovery":40.0,"idempotency_support":"false","idempotency_notes":null,"pagination_style":"unknown","retry_guidance_documented":false,"known_agent_gotchas":["Graph permissions (admin consent) may be required for certain operations; agent failures may look like auth errors","Microsoft Graph throttling can occur; without explicit backoff guidance, agents may repeatedly retry and worsen rate limiting","Tool surface may differ by implementation; the agent may attempt unsupported operations if tool descriptions are incomplete","Some Graph mutations are not naturally idempotent; an agent may duplicate side effects on retries if idempotency keys are not used"]}}