Polaralias/Outlook-MCP-Server
3.1
If you are the rightful owner of Outlook-MCP-Server and would like to certify it and/or have it hosted online, please leave a comment on the right or send an email to dayong@mcphub.com.
MCP server for connecting Outlook emails to Poke.
Outlook-MCP-Server
Model Context Protocol (MCP) server that bridges Outlook mail and calendar data from Microsoft 365 into MCP compatible clients. The server authenticates with Microsoft Graph, exposes curated tools for working with messages and events, and stores access tokens locally for subsequent sessions.
Table of contents
- Architecture overview
- Getting started
- Authentication flow
- Tool reference
- Usage examples
- Troubleshooting
- Security notes
- Additional documentation
- Contributing
- License
Architecture overview
The server is organised into small, purpose-built modules:
| Component | Responsibility |
|---|---|
src/index.ts | Bootstraps the MCP server, loads configuration, registers tools, and wires telemetry. |
src/auth/ | Implements the Microsoft device code flow (DeviceFlowAuthenticator) and encrypted token storage (TokenStore). |
src/graph/ | Creates Microsoft Graph clients and applies authentication middleware for each tenant. |
src/tools/email/ | Provides email-focused MCP tools (search, retrieve, draft, send, move, archive, and attachment operations). |
src/tools/calendar/ | Provides calendar-focused MCP tools (event CRUD, free/busy lookup, conflict detection, and attachments). |
src/logging/ | Wraps winston logging with structured output suitable for MCP telemetry. |
Incoming MCP requests are routed to the relevant tool handler. Handlers fetch Microsoft Graph access tokens through the authenticator, create scoped Graph clients, and return structured responses to the MCP client.
Getting started
Azure app registration
- Sign in to the Azure portal with a tenant that can access Microsoft Graph.
- Navigate to Azure Active Directory → App registrations → New registration.
- Choose a descriptive name (for example,
Outlook MCP Server) and register the application as a single-tenant app unless multiple tenants are required. - Record the Application (client) ID and the Directory (tenant) ID for later use.
- Under Certificates & secrets, create a client secret if you plan to use confidential client flows (not required for device code, but recommended for automation scenarios).
- In API permissions, add delegated permissions for:
Mail.ReadWriteMail.SendCalendars.ReadWriteoffline_access- Any additional Microsoft Graph scopes you plan to request. Grant admin consent for your tenant.
Environment variables
Configuration is managed through environment variables at runtime. Provide the following values before starting the server (see for details, defaults, and validation rules):
| Variable | Description |
|---|---|
MCP_CLIENT_ID | Azure app registration client ID used for device code authentication. |
MCP_TENANT_IDS | Comma-separated list of allowed tenant IDs. The first entry becomes the default tenant when none is provided in a tool invocation. |
MCP_DEFAULT_USER_ID | Default Microsoft 365 user (UPN or object ID) whose mailbox and calendar will be targeted. |
MCP_TOKEN_SECRET | Encryption key for the local token cache. Must be kept secret. |
MCP_TOKEN_PATH | (Optional) Filesystem path where encrypted tokens are stored. Defaults to ./data/tokens.json. |
MCP_SCOPES | (Optional) Comma-separated list of Microsoft Graph scopes. Defaults to User.Read, Mail.ReadWrite, Mail.Send, offline_access, Calendars.ReadWrite. |
MCP_AUTHORITY_HOST | (Optional) Azure AD authority host. Defaults to https://login.microsoftonline.com. |
Local setup
- Clone this repository and install dependencies:
npm install - Create a
.envfile (or export variables in your shell) with the environment variables listed above. - Build the TypeScript sources or run the server in development mode:
# Build for production output in dist/ npm run build # Or run directly with ts-node for rapid iteration npm run dev - Start the MCP server (from the compiled output) and connect with your MCP-compatible client:
npm start
Authentication flow
The server uses the Microsoft identity platform device code flow:
- On startup the server initialises
DeviceFlowAuthenticatorwith your configured tenants and scopes. - When authentication is required, the authenticator requests a device code and emits it through the
device_codeevent. The server logs the verification URL and user code so you can complete the sign-in on another device or browser. - After you authenticate and grant the requested Microsoft Graph scopes, the authenticator exchanges the device code for access and refresh tokens.
- Tokens are encrypted with
MCP_TOKEN_SECRETand stored atMCP_TOKEN_PATHviaTokenStore. Subsequent requests reuse the cached tokens and refresh them automatically when near expiry. - Each tool execution resolves the target tenant, obtains an authorised Microsoft Graph client, and performs the requested operation.
Tool reference
The following MCP tools are available:
Health
| Tool | Description |
|---|---|
health.status | Returns connectivity information, active tenant details, cache metadata, and authentication status. |
| Tool | Description |
|---|---|
email.search | Search messages with OData filters, paging, and folder scoping. |
email.get | Retrieve a single message by ID. |
email.thread | Fetch an entire conversation thread. |
email.createDraft | Create a draft message with rich body and attachments. |
email.sendDraft | Send an existing draft. |
email.send | Compose and send a new message in one call. |
email.reply | Reply to a message (reply or reply-all based on parameters). |
email.forward | Forward an existing message to new recipients. |
email.delete | Delete a message. |
email.archive | Move a message to the archive folder. |
email.move | Move a message to a specified folder. |
email.updateCategories | Apply category labels to a message. |
email.listFolders | List folders available to the user. |
email.createFolder | Create a new mail folder. |
email.deleteFolder | Remove a mail folder. |
email.listAttachments | Enumerate attachments on a message. |
email.getAttachment | Retrieve a specific attachment. |
Calendar
| Tool | Description |
|---|---|
calendar.listEvents | Query events in a calendar view or time window. |
calendar.getEvent | Fetch an event by ID. |
calendar.createEvent | Create a new meeting or appointment. |
calendar.updateEvent | Update an existing event. |
calendar.deleteEvent | Cancel a meeting or delete an event. |
calendar.findMeetingTimes | Suggest meeting times for participants. |
calendar.getFreeBusy | Retrieve free/busy schedules for people or rooms. |
calendar.detectConflicts | Analyse potential conflicts for proposed meeting times. |
calendar.listEventAttachments | List attachments belonging to an event. |
calendar.getEventAttachment | Download an attachment from an event. |
Refer to the inline TypeScript docstrings for detailed parameters and response shapes.
Usage examples
Example MCP client invocation using the Model Context Protocol CLI:
# Start the server (assumes environment variables are set)
npm run dev
# In a separate shell, query the health status
echo '{"method":"tools.call","params":{"name":"health.status","arguments":{}}}' \
| npx @modelcontextprotocol/cli
Example email search request payload:
{
"method": "tools.call",
"params": {
"name": "email.search",
"arguments": {
"query": "from:someone@example.com",
"top": 10,
"tenantId": "<tenant-id>"
}
}
}
Troubleshooting
MCP_CLIENT_ID must be provided– The required environment variable is missing. Verify your.envfile or shell exports.- Authentication succeeds but tool calls fail with
Tenant ... is not configured– Ensure thetenantIdyou pass to a tool matches one of the IDs listed inMCP_TENANT_IDS. - Expired or invalid tokens – Delete the file at
MCP_TOKEN_PATHto force re-authentication. ConfirmMCP_TOKEN_SECREThas not changed between runs. insufficient privilegeserrors from Microsoft Graph – Review your Azure app registration and confirm admin consent was granted for the requested scopes.- Network or proxy restrictions – The device code flow requires outbound HTTPS access to
login.microsoftonline.comandgraph.microsoft.com.
Security notes
- Store
MCP_TOKEN_SECRETin a secure secret manager or environment injection tool; never commit it to version control. - Consider restricting
MCP_TENANT_IDSandMCP_DEFAULT_USER_IDto service accounts instead of personal mailboxes. - Regularly rotate the Azure client ID and regenerate secrets when rotating credentials.
- The token cache (
MCP_TOKEN_PATH) contains encrypted refresh tokens; ensure the file permissions restrict access to the service user. - When adding scopes via
MCP_SCOPES, request the minimum permissions necessary for your workflow.
Additional documentation
Contributing
We welcome issues and pull requests! See for development workflows, coding standards, and testing guidance.
License
This project is licensed under the terms of the .