Outlook MCP
Comprehensive MCP server for Microsoft Outlook and Teams via Graph API covering email, calendar, contacts, tasks, teams, chats, and meetings
Score Breakdown
Server Info
- Package
- outlook-mcp
- Registry
- npm
- Repository
- stefanskiasan/outlook-mcp
- Maintainer
- Community
- Category
- Communication
- Tags
- emailcalendarteamsmicrosoft
- Last Scanned
- 7 Apr 2026
Findings
9 issuesAuthentication & Identity
HIGHNo per-request auth - requires instance-per-user
Stdio-only transport. Auth via MS_CLIENT_ID/MS_CLIENT_SECRET env vars for Azure app registration. Uses device code flow initiated via the 'authenticate' tool at runtime. Tokens stored in ~/.outlook-mcp-tokens.json file. Separate OAuth callback server on port 3333. No MCP OAuth spec support. Has a te... For multi-tenant deployment, the platform must spawn a separate server instance per user.
Add HTTP/SSE transport to accept per-request Authorization headers, or implement the MCP OAuth spec.
Tool Schema Quality
HIGHRequired fields missing on 2 write operations
Write tools without required field declarations: authenticate, create-draft.
Add required arrays to all write/delete tool schemas.
MEDIUMOnly 5 of 60 schemas have parameter constraints
Most schemas lack maxLength, enum, or pattern constraints on string parameters.
Add constraints to string parameters, especially on write operations.
Permission Granularity
MEDIUM3 tools combine read and write operations
26 read tools, 25 write tools, 5 destructive/admin tools (authenticate, delete-event, bulk-delete-emails, delete-channel, delete-online-meeting). 3 mixed tools: list-inbox-emails and search-inbox-emails have overlapping scope with list-emails and search-emails (redundant but not harmful). Descriptions are specific about what each tool does. No way to disable specific tool groups. All tools are always registered.
Split into separate read and write tools.
LLM Safety
HIGHTool descriptions contain instructional language
Descriptions include directives that could influence LLM behavior beyond tool selection.
Remove instructional language. Descriptions should be purely factual.
MEDIUMOverlapping tool descriptions may cause wrong selection
Similar descriptions between tools could cause the LLM to pick the wrong one.
Differentiate descriptions with unique use cases.
Data Exposure
MEDIUM10 list operations lack pagination
No pagination support on any list tool. List tools use a count parameter with hardcoded max of 50. No cursor/pageToken/offset parameters. No field selection - full records returned. This limits the server to small result sets and cannot retrieve historical data beyond the most recent 50 items.
Add limit/offset or cursor-based pagination.
LOWNo field selection on responses
Responses return full records rather than projected fields.
Implement field selection to return only relevant fields.
Maintenance & Trust
LOWCommunity-maintained by Asan Stefanski
No official vendor backing.
Seek vendor verification.
Tools
60 total| Name | Description | Risk |
|---|---|---|
| about | Returns information about this Outlook Assistant server | read |
| authenticate | Authenticate with Microsoft Graph API to access Outlook data | admin |
| check-auth-status | Check the current authentication status with Microsoft Graph API | read |
| list-events | Lists upcoming events from your calendar | read |
| decline-event | Declines a calendar event | write |
| create-event | Creates a new calendar event | write |
| cancel-event | Cancels a calendar event | write |
| delete-event | Deletes a calendar event | admin |
| list-emails | Lists recent emails from your inbox | read |
| search-emails | Search for emails using various criteria | read |
| read-email | Reads the content of a specific email | read |
| send-email | Composes and sends a new email | write |
| mark-as-read | Marks an email as read or unread | write |
| list-attachments | Lists attachments for a specific email | read |
| download-attachment | Downloads an email attachment | read |
| reply-to-email | Replies to an email | write |
| forward-email | Forwards an email to other recipients | write |
| set-email-categories | Sets categories for an email | write |
| set-email-importance | Sets importance level for an email | write |
| flag-email | Flags an email with follow-up information | write |
| list-drafts | Lists email drafts | read |
| create-draft | Creates a new email draft | write |
| update-draft | Updates an existing email draft | write |
| send-draft | Sends an email draft | write |
| list-inbox-emails | Lists emails EXCLUSIVELY from your inbox - never searches other folders. | read |
| search-inbox-emails | Search emails EXCLUSIVELY within your inbox - never searches other folders. | read |
| bulk-delete-emails | Deletes multiple emails at once. Supports batch operations for better performance. Use with caution - this action cannot be undone! | admin |
| bulk-read-emails | Reads multiple emails at once using efficient batch processing. | read |
| list-folders | Lists mail folders with full hierarchy support | read |
| create-folder | Creates mail folders with unlimited nesting support. | write |
| move-emails | Moves emails between folders with deep hierarchy support. | write |
| list-rules | Lists inbox rules in your Outlook account | read |
| create-rule | Creates a new inbox rule | write |
| edit-rule-sequence | Changes the execution order of an existing inbox rule | write |
| list-teams | Lists teams that the user is a member of | read |
| get-team-details | Gets detailed information about a specific team | read |
| list-team-members | Lists members of a specific team | read |
| list-channels | Lists channels in a team | read |
| get-channel-details | Gets detailed information about a specific channel | read |
| create-channel | Creates a new channel in a team | write |
| update-channel | Updates an existing channel | write |
| delete-channel | Deletes a channel from a team | admin |
| list-channel-messages | Lists messages in a channel | read |
| get-message-details | Gets detailed information about a specific message | read |
| send-channel-message | Sends a message to a channel | write |
| reply-to-message | Replies to a message in a channel | write |
| list-chats | Lists chats that the user is a member of | read |
| get-chat-details | Gets detailed information about a specific chat | read |
| list-chat-messages | Lists messages in a chat | read |
| send-chat-message | Sends a message to a chat | write |
| create-chat | Creates a new chat with specified members | write |
| get-my-presence | Gets the current user's presence status | read |
| get-user-presence | Gets the presence status of a specific user | read |
| set-my-presence | Sets the current user's presence status | write |
| get-multiple-users-presence | Gets the presence status of multiple users | read |
| list-online-meetings | Lists online meetings created by the user | read |
| create-online-meeting | Creates a new online meeting | write |
| get-online-meeting | Gets detailed information about a specific online meeting | read |
| update-online-meeting | Updates an existing online meeting | write |
| delete-online-meeting | Deletes an online meeting | admin |
Deploy Outlook MCP securely
CompleteFlow adds per-user authentication, permission scoping, and audit logging to any MCP server out of the box.
Deploy on CompleteFlow