mcp-onedrive-sharepoint
This server provides comprehensive tools and a CLI for managing files, folders, SharePoint lists, permissions, and Excel workbooks via the Microsoft Graph API, supporting both personal OneDrive and SharePoint document libraries.
File & Folder Management
List, search, get metadata, download, upload, create folders, move/rename, copy, and delete files and folders across OneDrive and SharePoint drives (with conflict resolution, sorting, filtering, and pagination)
SharePoint Sites & Lists
Discover and resolve SharePoint sites; list site lists (including schema/field definitions); list, get, create, update, and delete list items
Drives & Storage
List all accessible drives (OneDrive + SharePoint document libraries) with quota info
Storage analytics: summarize usage, find large/old files, detect duplicates, analyze by file type
Sharing & Permissions
Create sharing links (view/edit/embed, anonymous/org/specific users, with expiration and password)
Advanced sharing with email invitations, custom messages, and permission levels
Manage item-level permissions (list, update, revoke) and check user access
Sync & Batch Operations
Sync a local folder with OneDrive/SharePoint (upload, download, or bidirectional) with conflict resolution and pattern filtering
Batch file operations (upload/download/move/copy/delete/rename in one call)
Raw Microsoft Graph batch requests for up to 20 arbitrary API calls (experimental, opt-in)
File Versions
List, restore, delete, cleanup, and compare file versions
Excel Workbooks
Read/write cell ranges, manage worksheets, set formulas, create tables and charts
Analysis: statistics, pivot summaries, data validation, named ranges
Search
Global search across files, sites, lists, list items, messages, and calendar events, or targeted searches within specific drives or sites
Utilities
Health check, get authenticated user profile (with optional manager/photo), list all drives
Authentication & Configuration
Interactive device-code flow (delegated permissions) or unattended client-credentials flow (application permissions)
Configurable tool profiles:
core(safe, day-to-day) andfull(advanced/destructive tools)Individual tools can be disabled via
MCP_DISABLED_TOOLS; site aliases kept in a local registryCLI (
ods) mirrors all server capabilities for shell-based automation
MCP OneDrive/SharePoint Server
MCP server and CLI for Microsoft Graph focused on OneDrive, SharePoint and related document workflows. It supports device-code or client-credentials auth, starts with a safe 10-tool core profile, and can opt into advanced tools for trusted automation.
Onboarding commands on a clean clone:
npm run buildnpm run lintnpm testnpm run cinpm run setup-auth
Tool profiles
The server defaults to MCP_TOOL_PROFILE=core, a smaller public surface intended for day-to-day document workflows:
health_check,list_drivesdiscover_sites,resolve_sitelist_files,search_files,get_file_metadatadownload_file,upload_file,create_folder
Set MCP_TOOL_PROFILE=full to expose advanced and destructive tools for trusted environments:
Files:
list_files,download_file,upload_file,create_folder,move_item,delete_item,search_files,get_file_metadata,share_item,copy_itemSharePoint:
discover_sites,resolve_site,list_site_lists,get_list_schema,list_items,get_list_item,create_list_item,update_list_item,delete_list_itemUtilities:
health_check,get_user_profile,list_drives,global_searchAdvanced:
advanced_share,manage_permissions,check_user_access,sync_folder,batch_file_operations,storage_analytics,version_management,excel_operations,excel_analysis
batch_operations is intentionally not part of either profile by default because it is a raw Microsoft Graph escape hatch. Enable it only for admin/debug workflows with MCP_ENABLE_EXPERIMENTAL_GRAPH_BATCH=true.
You can also remove individual tools with MCP_DISABLED_TOOLS=delete_item,manage_permissions.
Related MCP server: SharePoint MCP Server
Why this repo
one MCP server for both OneDrive and SharePoint document libraries
matching
odsCLI for shell scripting and one-shot automationdevice-code auth for interactive use; client credentials for unattended jobs
site aliases loaded from a local registry so tenant IDs stay out of git
pagination/resource helpers for
driveId,siteId,itemIdand path targeting
Requirements
Node.js 18+
A Microsoft Entra ID / Azure AD app registration. Two auth modes are supported:
Device-code (default): Public client registration with Delegated permissions (
Files.ReadWrite.All,Sites.ReadWrite.All,User.Read,offline_access). No client secret needed.Client credentials: Confidential client registration with Application permissions (
Files.ReadWrite.All,Sites.ReadWrite.All). RequiresMICROSOFT_GRAPH_CLIENT_SECRET/SP_CLIENT_SECRETin env and admin consent in Azure AD.MICROSOFT_GRAPH_TENANT_IDmust be a specific tenant UUID —commondoes not work with this flow.
Installation
git clone https://github.com/ftaricano/mcp-onedrive-sharepoint.git
cd mcp-onedrive-sharepoint
npm install
cp .env.example .envOperational wrappers
Important operational rule:
use this MCP on demand
do not keep it permanently bound/loaded in Hermes or Claude Code when not needed
prefer one-shot
spcall/mcporter --stdioexecution so the process exits right after the call and does not accumulate zombie or idle MCP processesthe
spcallwrapper includes post-call cleanup for stray repo-local MCP child processes
This repo includes lightweight wrappers for local operational use:
./scripts/run-stdio.sh: start the MCP stdio server with the repo-local.envloaded safely./scripts/spcall.sh: run ad-hocmcportercalls against the local MCP servernpm run stdio: same as./scripts/run-stdio.shnpm run spcall -- <tool> ...: same as./scripts/spcall.sh <tool> ...
Quick examples:
npm run build
./scripts/spcall.sh health_check
./scripts/spcall.sh list_drives
./scripts/spcall.sh list_files driveId=b!abc123 path=/Shared%20DocumentsTenant-specific site aliases and drive ids are loaded from a local file — see Site registry below.
CLI (ods)
Every MCP tool is also exposed as a plain subcommand through the ods CLI. It shares the same auth, config and handlers as the MCP server, so anything the MCP does is one-shot runnable from a terminal or a shell script.
npm run build
ods list # list all tools with descriptions
ods schema list_files # print JSON schema for a tool
ods auth # interactive device-code login
ods <tool> --key=value [--key value] # invoke a tool with CLI flags
ods <tool> --json '{"k":"v"}' # pass the full payload as JSONDuring development you can skip the build with npm run cli -- <tool> ....
Examples
ods health_check
ods list_files --site=primary --path=/
ods list_files --driveId=b!abc --path=/Shared%20Documents --limit=50
ods upload_file --json '{"driveId":"b!abc","path":"/x.txt","content":"hello"}'Rules for flags
--key=valueand--key valueare both accepted.true/false/nulland numeric strings are coerced automatically; anything else stays a string.Bare flags (no value, or followed by another flag) become
true.--json '<payload>'takes a JSON object; individual--key=valueflags layered on top override fields from the payload. Use this for tools with nested objects/arrays (e.g. advanced Excel tools).Output is the raw tool payload (usually pretty-printed JSON). If the handler returns an error envelope, the process exits with code
2.
Configuration
The server reads the following environment variables:
MICROSOFT_GRAPH_CLIENT_ID=your_app_client_id
MICROSOFT_GRAPH_TENANT_ID=your_tenant_uuid # use specific UUID for client-credentials; "common" works only for device-code
MICROSOFT_GRAPH_CLIENT_SECRET= # optional — activates client-credentials mode; alias SP_CLIENT_SECRET also accepted
MICROSOFT_GRAPH_SCOPES=Files.ReadWrite.All,Sites.ReadWrite.All,Directory.Read.All,User.Read,offline_access
MICROSOFT_GRAPH_BASE_URL=https://graph.microsoft.com/v1.0
MICROSOFT_GRAPH_TIMEOUT=30000
MICROSOFT_GRAPH_MAX_RETRIES=3
MICROSOFT_GRAPH_CACHE_ENABLED=true
MICROSOFT_GRAPH_CACHE_TTL=3600
MCP_TOOL_PROFILE=core
MCP_DISABLED_TOOLS=
MCP_ENABLE_EXPERIMENTAL_GRAPH_BATCH=falseNotes:
use
MICROSOFT_GRAPH_TENANT_ID=commonfor multi-tenant/device-code onboardinguse a specific tenant id if you want tenant-scoped sign-in
delegated scopes are what the current auth flow uses
set
MCP_LOCAL_FILE_ROOTto constrain local upload/download/sync file access; if unset, local paths are constrained to the process working directory
Authentication modes
Client credentials (recommended for automation)
Set MICROSOFT_GRAPH_CLIENT_SECRET (or the alias SP_CLIENT_SECRET) in the environment. When either variable is present, the server authenticates as the app identity — no user login, no token expiry issue, no Keychain MSAL cache needed.
# In .env or via cpz_keychain_env.sh / Keychain:
MICROSOFT_GRAPH_CLIENT_ID=your_app_client_id
MICROSOFT_GRAPH_TENANT_ID=your_tenant_uuid # must be specific UUID, not "common"
MICROSOFT_GRAPH_CLIENT_SECRET=your_client_secretThe app registration in Azure AD must use Application permissions (not Delegated) with admin consent granted.
Device code (interactive, default fallback)
When no clientSecret is present, the server falls back to delegated device-code flow. On first use:
npm run setup-authThe script reads MICROSOFT_GRAPH_CLIENT_ID / MICROSOFT_GRAPH_TENANT_ID from .env, starts the device-code login, and stores the resulting MSAL token in the macOS Keychain (service mcp-onedrive-sharepoint, accounts access_token and msal_token_cache).
Token maintenance: the MSAL refresh token is valid for 90 days of inactivity. If the server is not used for several days, re-run npm run setup-auth to renew. To clear stale tokens:
security delete-generic-password -s "mcp-onedrive-sharepoint" -a "access_token"
security delete-generic-password -s "mcp-onedrive-sharepoint" -a "msal_token_cache"Development commands
npm run build
npm run lint
npm test
npm run ci
npm start
npm run stdio
npm run spcall -- health_checknpm run ci is the local verification entrypoint and is also what GitHub Actions runs on every PR/push.
MCP behavior notes
Root site inclusion
discover_sites.includePersonalSite=true currently attempts to append the tenant root SharePoint site (/sites/root) when it is available to the authenticated user.
It does not discover or synthesize a personal OneDrive site.
Pagination
The following tools now expose consistent pagination metadata in their JSON payloads:
list_filessearch_filesdiscover_siteslist_site_listslist_items
When Microsoft Graph returns @odata.nextLink, the response includes:
pagination.returnedpagination.limitpagination.totalCountwhen availablepagination.nextPageTokenpagination.hasMore
Pass pageToken back to the same tool to continue paging.
Drive/site targeting
Core file listing/search/download flows now accept:
siteIdfor a SharePoint site's default drivedriveIdfor a specific document library or drivepath-based addressing where supported
This is the current foundation for moving beyond a /me/drive-only model.
Site registry
The resolver can target named SharePoint sites by alias (e.g. site=primary). The registry is loaded from an external JSON file so no tenant-specific ids are committed:
Copy
config/sites.example.jsontoconfig/sites.local.json(gitignored) and fill in your values.Or set
MCP_SITES_CONFIG_PATHto point at a different JSON file.If the file is missing, the registry stays empty and the tools only accept explicit
siteId,siteUrl, ordriveId.
Each site entry looks like:
{
"key": "primary",
"name": "Primary",
"siteId": "yourtenant.sharepoint.com,<guid>,<guid>",
"siteUrl": "https://yourtenant.sharepoint.com/sites/Primary",
"driveId": "b!<drive-id>",
"aliases": ["primary", "/sites/Primary"]
}MCP stdio snippet
Use the wrapper as the MCP command so the repo-local .env is loaded automatically:
{
"mcpServers": {
"sharepoint": {
"command": "/absolute/path/to/mcp-onedrive-sharepoint/scripts/run-stdio.sh"
}
}
}Example tool inputs
List files from a specific drive
{
"driveId": "b!abc123",
"path": "/Shared Documents",
"limit": 50
}Continue a paginated file listing
{
"driveId": "b!abc123",
"pageToken": "https://graph.microsoft.com/v1.0/drives/b!abc123/root/children?$skiptoken=..."
}Search files in a site drive
{
"siteId": "contoso.sharepoint.com,123,456",
"query": "quarterly report",
"limit": 25
}List SharePoint list items with pagination
{
"siteId": "contoso.sharepoint.com,123,456",
"listId": "9c6b8b70-0000-0000-0000-111111111111",
"orderBy": "Created desc",
"limit": 100
}Troubleshooting
invalid_grant/AADSTSon first run: token store is empty or expired. Runnpm run setup-authagain.403 Forbiddenon SharePoint lists/drives: the signed-in user lacks permission to the target site. Check with the site owner.404on adriveIdorsiteId: the identifier is stale or the resource was deleted. Uselist_drives/discover_sitesto re-discover.Build fails on a clean clone: make sure Node.js is 18+ and run
npm installbeforenpm run build.AADSTS700016or401with client credentials: ensureMICROSOFT_GRAPH_TENANT_IDis a specific tenant UUID (notcommon) and that Application permissions have admin consent in Azure AD.AADSTS7000215(invalid client secret): the secret has expired or was deleted in Azure AD. Rotate it in the app registration and updateMICROSOFT_GRAPH_CLIENT_SECRET.Silent token refresh failed / device-code prompt in automated run: token cache in Keychain is stale. Either set
MICROSOFT_GRAPH_CLIENT_SECRETto switch to client-credentials mode (no expiry), or clear the Keychain entries above and re-runnpm run setup-auth.
Security
This server handles Microsoft Graph OAuth tokens and delegated access to corporate file storage. Treat it accordingly:
.env,tokens.json,credentials.jsonand the OS keychain entries are never committed — see .gitignore.tenant-specific
siteId,driveId, SharePoint URLs and internal operational paths should stay in local/private docs, not in this public repo.Report security issues privately via GitHub security advisories — do not open a public issue.
If a token leaks, revoke it from Azure AD → Enterprise Applications → your app → Users & groups and re-run
npm run setup-auth.
Contributing
Issues and PRs welcome. Before opening a PR:
npm run cipasses (build + lint + tests)one focused change per PR
no credentials, tenant-specific ids, or internal paths in commits or README
License
MIT © Fernando Taricano
Current limitations
in device-code mode, authentication requires an interactive login on first use and periodic renewal; in client-credentials mode the flow is fully non-interactive but requires Application permissions and admin consent in Azure AD
advanced/destructive tools require
MCP_TOOL_PROFILE=fullraw Graph batch calls require
MCP_ENABLE_EXPERIMENTAL_GRAPH_BATCH=true
Maintenance
Resources
Unclaimed servers have limited discoverability.
Looking for Admin?
If you are the server author, to access and configure the admin panel.
Latest Blog Posts
- Your AI Chatbot Just Exposed Your CEO's Salary to an InternBy Om-Shree-0709 on .Agent IdentityMCP SecurityOAuth Delegation
- Why MCP Servers Need Execution Sandboxing (And Why Your Current Stack Isn't Enough)By Om-Shree-0709 on .Agentic AiPrompt InjectionWebAssembly
MCP directory API
We provide all the information about MCP servers via our MCP API.
curl -X GET 'https://glama.ai/api/mcp/v1/servers/ftaricano/mcp-onedrive-sharepoint'
If you have feedback or need assistance with the MCP directory API, please join our Discord server