Discover Awesome MCP Servers

SharePoint MCP: The .NET MCP Server with Graph API & Semantic Kernel

Okay, let's clarify what you mean by "MCP server." It's likely you're referring to creating a *Microsoft Cloud Proxy* (MCP) server or a similar solution to securely access SharePoint Online. There isn't a single, pre-built "MCP server" product from Microsoft specifically for SharePoint Online access in the way you might be thinking. Instead, you'll need to configure a solution that acts as a proxy and potentially adds security layers. Here's a breakdown of how you can achieve secure access to SharePoint Online, along with explanations and code examples where applicable. I'll cover several approaches, from simpler to more complex, and explain the trade-offs: **Understanding the Problem** Directly exposing SharePoint Online to the internet without proper security measures is risky. You want to: * **Control Access:** Restrict who can access SharePoint Online. * **Secure Authentication:** Use strong authentication methods (e.g., Multi-Factor Authentication - MFA). * **Protect Against Threats:** Mitigate risks like data exfiltration, unauthorized access, and malware. * **Audit and Monitor:** Track access and identify potential security incidents. **Solutions** Here are several approaches, ranging from simpler to more complex, to create a secure access point for SharePoint Online: **1. Azure Application Proxy (Simplest, Recommended for Many Scenarios)** * **What it is:** Azure Application Proxy is a feature of Azure Active Directory (Azure AD) that allows you to publish on-premises web applications (or, in this case, act as a reverse proxy for SharePoint Online) to users outside your network. It provides secure remote access without requiring a VPN. * **How it works:** 1. **Azure AD Authentication:** Users authenticate against Azure AD. 2. **Application Proxy Connector:** A lightweight agent installed on an on-premises server (or an Azure VM) establishes an outbound connection to Azure. *Important: This connector does NOT require inbound ports to be opened on your firewall.* 3. **Reverse Proxy:** The Application Proxy service acts as a reverse proxy, forwarding requests from authenticated users to SharePoint Online. * **Why it's good:** * **Easy to set up:** Relatively straightforward configuration in the Azure portal. * **Secure:** Leverages Azure AD's security features, including MFA. * **No VPN required:** Users can access SharePoint Online from anywhere with an internet connection. * **Cost-effective:** Part of Azure AD Premium P1 or P2. * **How to set it up (High-Level):** 1. **Azure AD Premium:** Ensure you have Azure AD Premium P1 or P2. 2. **Install Application Proxy Connector:** Download and install the Application Proxy Connector on a Windows Server (or Azure VM) within your network. Make sure the server has outbound internet access. 3. **Configure Application Proxy:** * In the Azure portal, go to Azure Active Directory > Enterprise applications > Application Proxy. * Click "New application." * Choose "On-premises application." * **Name:** Give your application a descriptive name (e.g., "SharePoint Online Proxy"). * **Internal URL:** `https://yourtenant.sharepoint.com` (replace `yourtenant` with your actual SharePoint Online tenant name). * **External URL:** Choose a URL for users to access the application (e.g., `https://sharepoint.yourdomain.com`). You'll need to configure a DNS record for this URL. * **Pre Authentication:** Set to "Azure Active Directory." * **Connector Group:** Select the connector group you created when installing the Application Proxy Connector. * Click "Create." 4. **Assign Users:** Assign users or groups to the application in Azure AD. 5. **Configure Conditional Access (Recommended):** Implement Conditional Access policies to enforce MFA, device compliance, and other security requirements. * **Example Conditional Access Policy (MFA Requirement):** * **Conditions:** * **Users and groups:** Select the users or groups you want to protect. * **Cloud apps or actions:** Select the Application Proxy application you created. * **Access controls:** * **Grant:** Require multi-factor authentication. **2. Reverse Proxy with a Web Application Firewall (WAF) (More Control, More Complex)** * **What it is:** This involves setting up a dedicated reverse proxy server (e.g., using Nginx, Apache, or Azure Application Gateway) in front of SharePoint Online, combined with a Web Application Firewall (WAF) to protect against web attacks. * **How it works:** 1. **User Request:** A user sends a request to the reverse proxy. 2. **Authentication/Authorization:** The reverse proxy can authenticate the user (e.g., using Azure AD authentication flows) and authorize access based on roles or groups. 3. **WAF Inspection:** The WAF inspects the request for malicious content or patterns. 4. **Forward to SharePoint Online:** If the request is deemed safe, the reverse proxy forwards it to SharePoint Online. 5. **SharePoint Online Response:** SharePoint Online processes the request and sends the response back through the reverse proxy to the user. * **Why it's good:** * **Granular Control:** You have more control over authentication, authorization, and security policies. * **Advanced Security:** WAF provides protection against a wide range of web attacks (e.g., SQL injection, cross-site scripting). * **Customization:** You can customize the reverse proxy and WAF configuration to meet your specific requirements. * **How to set it up (High-Level - Example using Azure Application Gateway):** 1. **Create an Azure Application Gateway:** In the Azure portal, create an Application Gateway. 2. **Configure Backend Pool:** Add `yourtenant.sharepoint.com` (replace `yourtenant`) to the backend pool. Use HTTPS on port 443. 3. **Configure HTTP Settings:** Create an HTTP setting with HTTPS protocol and port 443. Set "Override host name" to "Pick host name from backend address." 4. **Configure Listener:** Create a listener with a public IP address or a custom domain name. 5. **Configure Routing Rule:** Create a routing rule that forwards requests from the listener to the backend pool using the HTTP setting. 6. **Enable WAF (Optional but Highly Recommended):** Enable the Web Application Firewall (WAF) on the Application Gateway. Configure the WAF rules to protect against common web attacks. 7. **Authentication (Example using Azure AD):** * Register an application in Azure AD. * Configure the Application Gateway to use Azure AD for authentication. This typically involves using OpenID Connect (OIDC) or OAuth 2.0 flows. This is a more complex configuration. * **Example Nginx Configuration (Basic Reverse Proxy - No WAF):** ```nginx server { listen 443 ssl; server_name sharepoint.yourdomain.com; # Replace with your domain ssl_certificate /path/to/your/certificate.pem; # Replace with your certificate path ssl_certificate_key /path/to/your/private.key; # Replace with your key path location / { proxy_pass https://yourtenant.sharepoint.com; # Replace with your tenant proxy_set_header Host yourtenant.sharepoint.com; # Replace with your tenant proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; } } ``` **Important Considerations for Nginx/Apache:** * **SSL/TLS:** Always use HTTPS and configure SSL/TLS certificates correctly. * **Security Hardening:** Harden your Nginx/Apache server to prevent vulnerabilities. * **Authentication:** Implementing authentication with Nginx/Apache requires more complex configuration, often involving modules like `mod_auth_openidc` (for Apache) or similar solutions for Nginx to integrate with Azure AD or other identity providers. **3. Custom Proxy Application (Most Control, Most Complex)** * **What it is:** You develop your own proxy application using a programming language like C#, Python, or Node.js. This gives you the most control over the proxy logic, authentication, and security. * **How it works:** 1. **User Request:** A user sends a request to your custom proxy application. 2. **Authentication/Authorization:** Your application authenticates the user (e.g., using Azure AD authentication libraries) and authorizes access. 3. **Request Transformation:** Your application can modify the request before forwarding it to SharePoint Online (e.g., adding headers, transforming data). 4. **Forward to SharePoint Online:** Your application forwards the request to SharePoint Online. 5. **SharePoint Online Response:** SharePoint Online processes the request and sends the response back to your application. 6. **Response Transformation:** Your application can modify the response before sending it to the user. * **Why it's good:** * **Maximum Control:** You have complete control over the proxy logic and security features. * **Customization:** You can implement highly customized authentication, authorization, and request/response transformation logic. * **Integration:** You can integrate the proxy with other systems and services. * **How to set it up (High-Level - Example using C# and Azure AD):** 1. **Create an Azure AD Application Registration:** Register an application in Azure AD. 2. **Develop the Proxy Application:** * Use a framework like ASP.NET Core or a similar framework in your chosen language. * Implement authentication using the Microsoft Authentication Library (MSAL) to authenticate users against Azure AD. * Implement authorization logic to control access to SharePoint Online resources. * Use the `HttpClient` class to forward requests to SharePoint Online. * Handle responses from SharePoint Online and forward them to the user. 3. **Deploy the Application:** Deploy the application to a server or cloud platform (e.g., Azure App Service). * **Example C# Code (Simplified - Authentication and Proxy):** ```csharp using Microsoft.AspNetCore.Authentication.OpenIdConnect; using Microsoft.AspNetCore.Authorization; using Microsoft.AspNetCore.Mvc; using Microsoft.Identity.Web; using Microsoft.Identity.Web.UI; using System.Net.Http; using System.Net.Http.Headers; using System.Threading.Tasks; namespace SharePointProxy.Controllers { [Authorize] public class SharePointController : Controller { private readonly IHttpClientFactory _httpClientFactory; private readonly ITokenAcquisition _tokenAcquisition; public SharePointController(IHttpClientFactory httpClientFactory, ITokenAcquisition tokenAcquisition) { _httpClientFactory = httpClientFactory; _tokenAcquisition = tokenAcquisition; } [HttpGet("/sharepoint")] public async Task<IActionResult> GetSharePointData() { string[] scopes = new string[] { "https://yourtenant.sharepoint.com/.default" }; // Replace with your SharePoint Online URL string accessToken = await _tokenAcquisition.GetAccessTokenForUserAsync(scopes); var client = _httpClientFactory.CreateClient(); client.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", accessToken); string sharePointUrl = "https://yourtenant.sharepoint.com/_api/web/title"; // Replace with the SharePoint API endpoint you want to access var response = await client.GetAsync(sharePointUrl); if (response.IsSuccessStatusCode) { var content = await response.Content.ReadAsStringAsync(); return Ok(content); } else { return StatusCode((int)response.StatusCode, response.ReasonPhrase); } } } } ``` **Important Considerations for Custom Proxies:** * **Security:** Implement robust security measures to protect against vulnerabilities. * **Performance:** Optimize the proxy application for performance to minimize latency. * **Maintainability:** Design the application for maintainability and scalability. * **Error Handling:** Implement comprehensive error handling and logging. **Choosing the Right Solution** * **Azure Application Proxy:** The easiest and often the best option for simple scenarios where you just need to provide secure remote access to SharePoint Online. * **Reverse Proxy with WAF:** A good choice when you need more control over authentication, authorization, and security policies, and you want to protect against web attacks. * **Custom Proxy Application:** The most flexible option, but also the most complex to develop and maintain. Use this when you have very specific requirements that cannot be met by the other solutions. **Key Considerations for All Solutions** * **Authentication:** Use strong authentication methods, such as Azure AD with MFA. * **Authorization:** Implement granular authorization policies to control access to SharePoint Online resources. * **Logging and Monitoring:** Enable logging and monitoring to track access and identify potential security incidents. * **Regular Updates:** Keep your proxy server and related software up to date with the latest security patches. * **Least Privilege:** Grant users only the minimum necessary permissions. * **Network Segmentation:** Segment your network to isolate the proxy server from other systems. **In summary, there's no single "MCP server" button to push. You need to build a solution that acts as a secure gateway to SharePoint Online. Azure Application Proxy is often the best starting point, but consider the other options if you have more complex requirements.** Remember to replace placeholders like `yourtenant.sharepoint.com` and `/path/to/your/certificate.pem` with your actual values. Also, the code examples are simplified and may require further customization to meet your specific needs. Consult the official Microsoft documentation for detailed instructions and best practices.

Poetry MCP Server

Manages poetry catalogs with state-based tracking, thematic connections via nexuses, quality scoring across 8 dimensions, and submission tracking to literary venues, treating poems as artifacts with metadata stored in markdown frontmatter.

MCP Brain Service

Enables character management and semantic search for the Auto-Movie application through WebSocket communication. Supports creating characters with personality/appearance descriptions and finding similar characters using natural language queries with embedding-based similarity matching.

MCP NodeJS Debugger

Allows Claude to directly debug a NodeJS server by setting breakpoints, inspecting variables and stepping through code.

AI Use Cases MCP Server

A Model Context Protocol server that collects, analyzes, and manages AI use case data from various information sources with features for web scraping, data analysis, and trend identification.

Unified Auth0 MCP Server

An MCP server that enables Claude Code to access Auth0-protected APIs by handling OAuth authentication flows and securely proxying API requests with user credentials.

Crypto Price & Market Analysis MCP Server

Provides comprehensive cryptocurrency analysis using the CoinCap API, offering real-time price data, market analysis across exchanges, and historical price trends for any cryptocurrency.

float-mcp

A community MCP server for float.com.

shivonai-mcp

Nossas Ferramentas MCP são projetadas para aprimorar os serviços de entrevistas automatizadas orientadas por IA, garantindo um processo de avaliação de candidatos contínuo e contextualmente relevante. Essas ferramentas aproveitam modelos avançados de IA para analisar respostas, avaliar competências e fornecer feedback em tempo real.

macOS Defaults MCP Server

Enables reading and writing macOS system defaults and settings through commands equivalent to the defaults command-line tool. Supports listing domains, searching for settings, and modifying system preferences programmatically.

Gemini Flash Image MCP Server

Enables text-to-image generation, image editing, and multi-image composition using Google's Gemini 2.5 Flash Image API. Supports flexible aspect ratios and character consistency across generations.

Dify MCP Server

Um servidor baseado em TypeScript que conecta Clientes MCP a aplicações Dify, expondo dinamicamente as aplicações Dify como ferramentas que podem ser usadas diretamente dentro do Cliente MCP.

Git Auto Commit MCP Server

Analyzes git changes in repositories and generates conventional commit messages using OpenAI's GPT models, supporting both staged and unstaged changes with detailed summaries.

MCP Datastore Server

An MCP server that enables interaction with Google Firestore in Datastore mode for entity management and querying. It provides tools for CRUD operations, aggregation queries, and transaction execution within Google Cloud projects.

memora

Persistent memory with knowledge graph visualization, semantic/hybrid search, importance scoring, and cloud sync (S3/R2) for cross-session context management.

DeepClaude MCP Server

This server integrates DeepSeek and Claude AI models to provide enhanced AI responses, featuring a RESTful API, configurable parameters, and robust error handling.

MySQL MCP Server

An MCP server that allows working with MySQL databases by providing tools for executing read-only SQL queries, getting table schemas, and listing database tables.

Node Terminal MCP

Enables AI agents to interact with terminal environments through multiple concurrent PTY sessions. Supports cross-platform terminal operations including command execution, session management, and real-time communication.

MCP ComfyUI Flux

Enables AI image generation using FLUX models through ComfyUI with GPU acceleration, supporting image generation, 4x upscaling, and background removal with optimized Docker deployment.

Runware MCP Server

Enables lightning-fast AI image and video generation, upscaling, background removal, captioning, and masking through the Runware API with automatic model selection and comprehensive validation.

FastAPI MCP Server

A Model Context Protocol server that provides tools for introspecting and analyzing FastAPI applications, including route discovery, model schema extraction, and source code viewing. It enables users to explore API structures, generate documentation, and debug dependency injection hierarchies through natural language.

fengchong-demo

Demonstração Fengchong

Node MCP Server

A minimal Express-based MCP server that exposes a weather tool through HTTP endpoints, demonstrating how to implement the Model Context Protocol with streamable HTTP transport.

PC-Control MCP Server

Enables control of Windows PC through Claude Desktop, including executing shell commands, managing system resources, controlling audio/power, launching applications, taking screenshots, and managing windows and processes.

MCP Rewatch

A Model Context Protocol server that enables AI coding assistants like Claude Code to manage long-running development processes, solving the problem where Claude Code cannot see output from processes like 'npm run dev' that don't exit immediately.

MySQL-Performance-Tuner-Mcp

MySQL MCP Performance Tuning Server - AI-powered MySQL performance tuning capabilities

mcp-nativewind

Transforma componentes Tailwind para NativeWind 4.

MCP Financial Datasets Server

Provides backtesting-compliant financial data including company financials, historical stock and crypto prices, and news with sentiment analysis from financialdatasets.ai API.

Azure Pricing MCP Server

Enables querying Azure retail pricing information, comparing costs across regions and SKUs, estimating usage-based expenses, and discovering Azure services with savings plan information through the Azure Retail Prices API.