SharePoint MCP Server
A production-ready Model Context Protocol (MCP) server for Microsoft SharePoint integration. Enables Claude Desktop and Claude Code to interact with SharePoint sites, document libraries, and files via the Microsoft Graph API.
Features
Site Management: List and browse SharePoint sites
File Operations: Browse, search, upload, and download files
Document Libraries: Access and manage document libraries
Sharing: Create sharing links for files
Search: Full-text search across SharePoint
Lists: Read and create SharePoint list items
OAuth Authentication: Secure browser-based login with automatic token refresh
Structured Output: All responses use Pydantic models for type safety
Available Tools
Tool | Description |
| List SharePoint sites you have access to |
| Get document libraries for a site |
| Browse files in a library/folder (with pagination) |
| Search files across SharePoint |
| Download and read file content |
| Upload a file to a library |
| Get detailed file metadata |
| Generate a sharing link for a file |
| Get items from a SharePoint list |
| Add an item to a SharePoint list |
Quick Start
Prerequisites
Python 3.11+ and uv package manager
# Install uv if you don't have it curl -LsSf https://astral.sh/uv/install.sh | shAzure AD App Registration (see Azure Setup Guide)
Client ID
Tenant ID
Required permissions: Sites.Read.All, Files.ReadWrite.All, User.Read, offline_access
Redirect URI:
http://localhost:8765/callback
Installation
Option A: Using uvx (Recommended for End Users)
Add to your Claude Desktop config at ~/Library/Application Support/Claude/claude_desktop_config.json:
Restart Claude Desktop. The first time you use a SharePoint command, a browser window will open for authentication.
Option B: Using uv --directory (For Development)
Clone this repository and add to your Claude Desktop config:
Option C: Using Claude Code
First Run
Open Claude Desktop and ask: "List my SharePoint sites"
A browser window will open automatically
Sign in with your Microsoft account
Grant the requested permissions
Return to Claude - you're authenticated!
Tokens are securely stored in your OS keychain and refreshed automatically.
Configuration
Environment Variables
Variable | Required | Description |
| Yes | Azure AD application client ID |
| Yes | Azure AD tenant ID |
| No | OAuth redirect URI (default: |
| No | Logging level (default: |
Config File (Alternative)
Create ~/.config/sharepoint-mcp/config.json:
Usage Examples
Browse Files
The assistant will:
Call
list_siteswith search="Marketing"Call
list_librariesfor that siteCall
list_filesfor the Documents libraryShow you the file list
Search for a Document
The assistant will call search_files with query="Q4 reports filetype:pdf"
Upload a File
The assistant will:
Find the site and library
Call
upload_filewith the contentConfirm the upload
Create a Sharing Link
The assistant will:
Search for or browse to the file
Call
create_sharing_linkwith link_type="view" and expiration_days=7Return the shareable URL
Azure AD App Setup
You need to register an application in Azure AD to use this MCP server. See the detailed guide: docs/azure-setup.md
Quick summary:
Go to Azure Portal → Azure Active Directory → App registrations
Create a new registration:
Name: "SharePoint MCP Server"
Supported account types: "Accounts in this organizational directory only"
Redirect URI: Web →
http://localhost:8765/callback
Add API permissions:
Microsoft Graph → Delegated permissions:
Sites.Read.AllFiles.ReadWrite.AllUser.Readoffline_access
Grant admin consent (if required)
Authentication → Enable "Allow public client flows"
Copy the Client ID and Tenant ID for your configuration
Development
Setup
Project Structure
Testing
Troubleshooting
Authentication Issues
Problem: "Missing configuration" error
Solution: Ensure you've set AZURE_CLIENT_ID and AZURE_TENANT_ID environment variables in your MCP config.
Problem: Browser doesn't open for authentication
Solution: The server starts a local web server on port 8765. Ensure this port isn't blocked by a firewall.
Problem: "Authentication timed out"
Solution: Complete the authentication within 2 minutes. If you miss the window, try the command again.
Re-authentication
To clear stored tokens and re-authenticate:
Then restart Claude Desktop and try a SharePoint command again.
Permission Errors
Problem: "Access denied" or "Insufficient permissions"
Solution:
Verify the Azure AD app has the required permissions
Ensure admin consent has been granted (if required by your organization)
Check that your Microsoft account has access to the SharePoint site/file
Debug Logging
Enable debug logging by setting LOG_LEVEL=DEBUG in your MCP config:
Check logs at:
macOS:
~/Library/Logs/Claude/mcp-server-sharepoint.logWindows:
%APPDATA%\Claude\Logs\mcp-server-sharepoint.log
Limitations
File size: Downloads limited to 10MB (configurable in code)
Pagination: List operations return up to 200 items per page (use cursor for more)
Search: Uses Microsoft Search, results depend on indexing
Rate limiting: Graph API has rate limits; the client implements automatic retry with backoff
Security
OAuth tokens are stored securely in your OS keychain (macOS Keychain, Windows Credential Manager, Linux Secret Service)
No passwords are stored - only temporary OAuth tokens
Automatic refresh - access tokens are refreshed automatically before expiration
Local callback server - runs only during authentication, binds to localhost only
Contributing
Contributions are welcome! Please:
Fork the repository
Create a feature branch
Add tests for new functionality
Ensure all tests pass and type checking succeeds
Submit a pull request
License
MIT License - see LICENSE for details
Support
Issues: GitHub Issues
Discussions: GitHub Discussions
Documentation: docs/
Acknowledgments
Built with:
MCP Python SDK - FastMCP framework
MSAL - Microsoft Authentication Library
httpx - Async HTTP client
Pydantic - Data validation