How to add Microsoft 365 MCP Server to Cursor

Access Microsoft 365 and Office services (Outlook, Calendar, OneDrive, Excel, Teams, SharePoint) via the Graph API. Paste the config into ~/.cursor/mcp.json and restart Cursor.

Last updated June 14, 2026 · 786★ · stdio · oauth

Cursor config for Microsoft 365 MCP Server

claude mcp add ms365 -- npx -y @softeria/ms-365-mcp-server

{
  "mcpServers": {
    "microsoft-365-mcp-server": {
      "command": "npx",
      "args": [
        "-y",
        "@softeria/ms-365-mcp-server"
      ]
    }
  }
}

Setup steps

1Open Cursor → Settings → MCP → Add new MCP server (or edit ~/.cursor/mcp.json directly).
2Paste the Microsoft 365 MCP Server config below into the "mcpServers" object.
3Fill in placeholder secrets, then save.
4Cursor reloads MCP servers automatically — check Settings → MCP for a green status dot.
5Ask Cursor to use one of Microsoft 365 MCP Server's tools to confirm it's connected.

Before you start

Node.js >= 20 (recommended; Node.js 14+ may work with dependency warnings)
A Microsoft 365 personal or work/school account
Microsoft authentication via device code flow, OAuth, or a pre-existing OAuth token (BYOT)
Optional: a custom Azure AD app registration (MS365_MCP_CLIENT_ID / MS365_MCP_CLIENT_SECRET) for production/OAuth deployments and extra scopes

What Microsoft 365 MCP Server can do in Cursor

login

Authenticate via Microsoft device code flow; auto-checks for an existing cached token.

verify-login

Confirm/verify the current login state.

list-mail-messages

List email messages from Outlook (mapped to a Microsoft Graph endpoint).

get-mail-message

Retrieve a single Outlook email message.

list-shared-mailbox-messages

List messages from a shared mailbox (org-mode; pass the shared mailbox email as user-id).

list-drives

List OneDrive drives.

get-drive-item

Get an item from a OneDrive drive.

download-bytes

Download file bytes from OneDrive/Graph.

Security

Requires Microsoft authentication before tools can be used. Tokens are cached in the OS credential store (keytar) when available, falling back to file-based storage (0600 permissions) on headless systems. Default file fallback paths are inside the package directory and can be lost on reinstall; set MS365_MCP_TOKEN_CACHE_PATH and MS365_MCP_SELECTED_ACCOUNT_PATH to persist tokens. HTTP mode requires OAuth (Authorization: Bearer token) for all MCP requests and enables per-IP rate limiting by default. Use --read-only mode and --allowed-scopes / presets to limit the exposed tool surface and requested Graph permissions. MS365_MCP_REDACT_PII can scrub JWTs and email addresses from logs.

Microsoft 365 MCP Server + Cursor FAQ

Where is the Cursor config file?

Cursor reads MCP servers from ~/.cursor/mcp.json. Paste the Microsoft 365 MCP Server config there under the "mcpServers" key and restart the client.

Is Microsoft 365 MCP Server safe to use with Cursor?

How do I access Teams, SharePoint and other work/school features?

Enable organization mode with the --org-mode flag (or --work-mode / MS365_MCP_ORG_MODE=true). It must be enabled from the start; without it only personal account features (email, calendar, OneDrive, etc.) are available.

Do I need my own Azure app registration?

No for basic use — a built-in Softeria Azure app is used by default. For production/OAuth, custom scopes via --extra-scopes, or admin-consented enterprise deployments, configure MS365_MCP_CLIENT_ID / MS365_MCP_CLIENT_SECRET / MS365_MCP_TENANT_ID against an app you control.

Which authentication methods are supported?

Three: device code flow (default, interactive via the login tool or --login), OAuth 2.1 authorization code flow (required in --http mode), and bring-your-own-token via MS365_MCP_OAUTH_TOKEN (no token refresh handled).

View repo Full Microsoft 365 MCP Server page