m365_userrealm
Detect Microsoft 365 tenant authentication type by analyzing a domain's user realm to identify namespace type, federation brand, and authentication endpoints for security assessment.
Instructions
Detect authentication type for a domain's Microsoft 365 tenant. Returns namespace type (Managed/Federated), federation brand name, and auth endpoints.
Input Schema
| Name | Required | Description | Default |
|---|---|---|---|
| domain | Yes | Domain to check user realm for | |
Implementation Reference
- src/m365/index.ts:57-83 (handler) The core logic for the m365_userrealm tool, which performs a request to Microsoft's getuserrealm.srf endpoint to detect if a domain is Managed or Federated.

  ```typescript
  export async function m365UserRealm(domain: string): Promise<M365UserRealmResult> {
    try {
      const res = await fetch(
        `https://login.microsoftonline.com/getuserrealm.srf?login=test@${encodeURIComponent(domain)}&json=1`,
      );
      if (!res.ok) return { domain, found: false };
      const data = await res.json();
      // NameSpaceType 0 = Unknown, 1 = Managed, 2 = Federated
      let namespaceType: string | undefined;
      if (data.NameSpaceType === "Managed" || data.NameSpaceType === 1) namespaceType = "Managed";
      else if (data.NameSpaceType === "Federated" || data.NameSpaceType === 2) namespaceType = "Federated";
      else if (data.NameSpaceType !== undefined) namespaceType = String(data.NameSpaceType);
      return {
        domain,
        found: namespaceType !== undefined,
        namespaceType,
        federationBrandName: data.FederationBrandName,
        federationActiveAuthUrl: data.AuthURL ?? data.STSAuthUrl,
        cloudInstanceName: data.CloudInstanceName ?? data.CloudInstanceIssuerUri,
      };
    } catch {
      return { domain, found: false };
    }
  }
  ```

- src/protocol/tools.ts:448-455 (registration) The registration and definition of the m365_userrealm tool, including its schema and execution handler.

  ```typescript
  const m365UserRealmTool: ToolDef = {
    name: "m365_userrealm",
    description:
      "Detect authentication type for a domain's Microsoft 365 tenant. Returns namespace type (Managed/Federated), federation brand name, and auth endpoints.",
    schema: {
      domain: z.string().describe("Domain to check user realm for"),
    },
    execute: async (args) => json(await m365UserRealm(args.domain as string)),
  };
  ```

- src/m365/index.ts:13-20 (schema) The interface definition for the result returned by m365UserRealm.

  ```typescript
  interface M365UserRealmResult {
    domain: string;
    found: boolean;
    namespaceType?: string; // "Managed" or "Federated"
    federationBrandName?: string;
    federationActiveAuthUrl?: string;
    cloudInstanceName?: string;
  }
  ```
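
An added example (not part of the project's code) showing one defensive use of the result shape above: comparing a lookup result for a domain you own against a reviewed baseline, so an unexpected switch to Federated or a changed auth host stands out. `RealmBaseline`, `realmDrift` and the sample values are hypothetical; `RealmResult` copies the fields of `M365UserRealmResult`.

```typescript
// Added example: compares m365UserRealm() output with a reviewed baseline.
// RealmResult mirrors the page's M365UserRealmResult; the rest is hypothetical.
interface RealmResult {
  domain: string;
  found: boolean;
  namespaceType?: string;
  federationBrandName?: string;
  federationActiveAuthUrl?: string;
  cloudInstanceName?: string;
}

// Hypothetical baseline entry: what the tenant owner expects for a domain.
interface RealmBaseline {
  namespaceType: "Managed" | "Federated";
  stsHost?: string; // expected federation host, Federated domains only
}

// Returns findings; an empty array means the domain matches its baseline.
function realmDrift(observed: RealmResult, expected: RealmBaseline): string[] {
  if (!observed.found) return ["lookup failed or realm unknown; cannot verify"];
  const findings: string[] = [];
  if (observed.namespaceType !== expected.namespaceType) {
    findings.push(`namespace is ${observed.namespaceType}, baseline says ${expected.namespaceType}`);
  }
  if (observed.namespaceType !== "Federated") return findings;
  let url: URL;
  try {
    url = new URL(observed.federationActiveAuthUrl ?? "");
  } catch {
    return [...findings, "federated domain without a parseable auth URL"];
  }
  if (url.protocol !== "https:") findings.push(`auth URL is not HTTPS: ${url.protocol}`);
  const host = url.hostname.toLowerCase();
  if (expected.stsHost === undefined) {
    findings.push(`unexpected federation host ${host}`);
  } else if (host !== expected.stsHost.toLowerCase()) {
    findings.push(`federation host ${host} differs from baseline ${expected.stsHost}`);
  }
  return findings;
}

// Constructed sample results (not real tenant data).
const managedOk: RealmResult = { domain: "example.com", found: true, namespaceType: "Managed" };
const nowFederated: RealmResult = {
  domain: "example.com", found: true, namespaceType: "Federated",
  federationBrandName: "Example", federationActiveAuthUrl: "https://sts.example.net/adfs/ls/",
};
console.log(realmDrift(managedOk, { namespaceType: "Managed" }));
console.log(realmDrift(nowFederated, { namespaceType: "Managed" }));
```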