Microsoft Entra ID MCP Server
MCP server for Microsoft Entra ID via Graph API: users, sign-in logs, MFA status, and privileged users.
🛡️ AgentReady threat assessment
MAESTRO 7-layer threat model + OWASP AIVSS risk score for Microsoft Entra ID MCP Server, derived from its capabilities.
These scores are auto-generated from public information (the agent's own listing, docs, and repository) using the canonical OWASP AIVSS formula and the MAESTRO framework — an estimate for guidance, not a penetration test, audit, or certification. See the scoring methodology. Are you the vendor? Factual corrections are free.
Overview
A Python MCP server that interacts with Microsoft Entra ID (Azure AD) through Microsoft Graph, supporting advanced queries over users, groups, devices, sign-in logs, MFA status, and privileged accounts. Because it can read directory and security-sensitive identity data, the Graph app permissions it is granted are the primary risk surface.
Key features
- Query users, groups, and devices
- Sign-in logs and MFA status
- Privileged-user and security operations
Use cases
- Identity and access investigations with an agent
- Auditing MFA and privileged accounts