entra_id_list_users
Retrieve user accounts from Entra ID (Azure AD) using Microsoft Graph API to manage and monitor identity data for security analysis.
Instructions
List users in Entra ID (Azure AD) via Microsoft Graph API.
Input Schema
| Name | Required | Description | Default |
|---|---|---|---|
| kwargs | Yes | | |
Implementation Reference
- tools/entra_id_tools.py:51-77 (handler) The EntraIDListUsersTool class defines the tool name, description, and implements the core logic in the async run method. It checks Graph permissions, fetches users from Microsoft Graph API /users endpoint using GraphApiClient, paginates results, and handles 403 errors specifically.

  ```python
  class EntraIDListUsersTool(EntraIDToolBase):
      """
      Tool to list users in Entra ID (Azure AD) via Microsoft Graph API.
      """

      name = "entra_id_list_users"
      description = "List users in Entra ID (Azure AD) via Microsoft Graph API."

      async def run(self, ctx: Context, **kwargs):
          self.check_graph_permissions()
          client = GraphApiClient()
          url = f"{GRAPH_API_BASE}/users"
          try:

              def fetch():
                  users = []
                  for page in client.call_azure_rest_api("GET", url):
                      users.extend(page.get("value", []))
                  return users

              return await run_in_thread(fetch, name="entra_id_list_users")
          except requests.HTTPError as e:
              if e.response.status_code == 403:
                  raise Exception("Permission denied: User.Read.All is required.") from e
              raise
  ```
- tools/entra_id_tools.py:203-214 (registration) The register_tools function registers the EntraIDListUsersTool (and other Entra ID tools) with the MCP server instance via the class register method.

  ```python
  def register_tools(mcp):
      """
      Register all Entra ID tools with the MCP server instance.

      Args:
          mcp: The MCP server instance.
      """
      EntraIDListUsersTool.register(mcp)
      EntraIDGetUserTool.register(mcp)
      EntraIDListGroupsTool.register(mcp)
      EntraIDGetGroupTool.register(mcp)
  ```
- tools/entra_id_tools.py:34-50 (helper) The EntraIDToolBase class provides shared functionality for Entra ID tools, including check_graph_permissions method which verifies required Microsoft Graph permissions before tool execution.

  ```python
  class EntraIDToolBase(MCPToolBase):
      """
      Base class for Entra ID tools with permission checking.
      Uses utilities.graph_api_utils for Graph API access and permission checks.
      """

      def check_graph_permissions(self) -> None:
          """
          Checks if the current identity has required Microsoft Graph permissions using the utility.

          Raises:
              Exception: If required permissions are missing.
          """
          client = GraphApiClient()
          token = client.get_token()
          check_graph_permissions(token)
  ```
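
One way a token-based pre-flight check like the `check_graph_permissions(token)` call above could work, as an added example that is not the project's own code. It assumes the access token is a JWT whose `roles` claim lists application permissions and whose `scp` claim lists delegated scopes; `granted_permissions`, `preflight_check` and `make_token` are hypothetical names, and the sample tokens are constructed and unsigned.

```python
import base64
import json

REQUIRED = "User.Read.All"  # permission named in the handler's 403 message


def granted_permissions(token: str) -> set:
    """Return the permissions carried in a JWT-format access token.

    Application permissions sit in `roles` (a list); delegated ones in `scp`
    (a space-separated string). The signature is NOT verified here: this is
    a local pre-flight hint, and Graph remains the enforcement point.
    """
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("not a compact JWT")
    payload = parts[1] + "=" * (-len(parts[1]) % 4)  # restore base64url padding
    claims = json.loads(base64.urlsafe_b64decode(payload))
    return set(claims.get("roles") or []) | set((claims.get("scp") or "").split())


def preflight_check(token: str, required: str = REQUIRED) -> None:
    """Raise PermissionError before any Graph call if `required` is absent."""
    granted = granted_permissions(token)
    # Exact match on purpose: the delegated scope "User.Read" must not
    # satisfy a requirement for "User.Read.All".
    if required not in granted:
        raise PermissionError(f"{required} missing; token grants {sorted(granted)}")


def make_token(claims: dict) -> str:
    """Build a constructed, unsigned sample token (demo input only)."""
    def enc(obj):
        raw = json.dumps(obj).encode()
        return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()
    header = enc({"alg": "none"})
    return f"{header}.{enc(claims)}.constructed"


if __name__ == "__main__":
    app_only = make_token({"roles": ["User.Read.All"]})
    preflight_check(app_only)  # passes silently
    delegated = make_token({"scp": "User.Read openid"})
    try:
        preflight_check(delegated)
    except PermissionError as err:
        print(err)
```

Failing before the request keeps a missing grant from surfacing only as a 403 partway through pagination, and the error lists what the identity actually holds, which helps when reviewing it for least privilege.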