ms-sentinel-mcp-server

Overview Inspect Schema Related Servers Score Discussions

entra_id_list_users

Retrieve user listings from Entra ID (Azure AD) using Microsoft Graph API to manage and monitor identity data within Microsoft Sentinel environments.

Instructions

List users in Entra ID (Azure AD) via Microsoft Graph API.

Input Schema

TableJSON Schema

Name	Required	Description	Default
`kwargs`	Yes

Implementation Reference

tools/entra_id_tools.py:51-77 (handler)
The EntraIDListUsersTool class defines the tool named 'entra_id_list_users'. It includes the name, description, and the async run() method that executes the core logic: checks Graph permissions, fetches all users from the Microsoft Graph API /users endpoint with pagination, collects them into a list, and returns the result. Handles 403 errors specifically.
class EntraIDListUsersTool(EntraIDToolBase): """ Tool to list users in Entra ID (Azure AD) via Microsoft Graph API. """ name = "entra_id_list_users" description = "List users in Entra ID (Azure AD) via Microsoft Graph API." async def run(self, ctx: Context, **kwargs): self.check_graph_permissions() client = GraphApiClient() url = f"{GRAPH_API_BASE}/users" try: def fetch(): users = [] for page in client.call_azure_rest_api("GET", url): users.extend(page.get("value", [])) return users return await run_in_thread(fetch, name="entra_id_list_users") except requests.HTTPError as e: if e.response.status_code == 403: raise Exception("Permission denied: User.Read.All is required.") from e raise
tools/entra_id_tools.py:210-210 (registration)
The tool is registered to the MCP server instance via the register() class method called in the register_tools() function.
EntraIDListUsersTool.register(mcp)
tools/entra_id_tools.py:34-49 (helper)
The EntraIDToolBase class provides shared helper functionality for Entra ID tools, including the check_graph_permissions() method called at the start of the handler to ensure required Microsoft Graph permissions (e.g., User.Read.All).
class EntraIDToolBase(MCPToolBase): """ Base class for Entra ID tools with permission checking. Uses utilities.graph_api_utils for Graph API access and permission checks. """ def check_graph_permissions(self) -> None: """ Checks if the current identity has required Microsoft Graph permissions using the utility. Raises: Exception: If required permissions are missing. """ client = GraphApiClient() token = client.get_token() check_graph_permissions(token)

This server cannot be installed

Other Tools

Latest Blog Posts

Model Context Protocol Proxies: Enabling Enterprise Control with Virtual MCPs
By Om-Shree-0709 on December 9, 2025.
AI Security
Virtual MCP
Kubernetes Operator
The State of MCP in 2025: Who's Building What and Why It Matters
By punkpeye on December 7, 2025.
mcp
startups
MCP hosting with persistent storage
By punkpeye on December 6, 2025.
changelog

MCP directory API

We provide all the information about MCP servers via our MCP API.

curl -X GET 'https://glama.ai/api/mcp/v1/servers/dstreefkerk/ms-sentinel-mcp-server'

If you have feedback or need assistance with the MCP directory API, please join our Discord server