Microsoft 365 SharePoint MCP Server

Create a powerful Model Context Protocol (MCP) server for SharePoint in minutes with our AI Gateway. This guide walks you through setting up seamless SharePoint integration with enterprise-grade security and instant OAuth authentication.

About SharePoint API

SharePoint is Microsoft's powerful platform for content management, collaboration, and business process automation. The SharePoint API (via Microsoft Graph) provides comprehensive access to:

• Document Libraries: Store, organize, and manage files
• Lists & Data: Custom lists for structured data management
• Sites & Pages: Team sites, communication sites, and pages
• Permissions: Granular access control and sharing
• Search: Enterprise-wide content discovery
• Metadata & Taxonomy: Content classification and tagging
• Workflows: Business process automation
• Version Control: Document versioning and history

Key Features

• Microsoft Graph API: Unified endpoint for SharePoint access
• REST APIs: Comprehensive RESTful interface
• Real-time Sync: OneDrive sync capabilities
• Co-authoring: Simultaneous document editing
• External Sharing: Secure external collaboration
• Power Platform: Integration with Power Apps and Power Automate
• Teams Integration: Seamless Microsoft Teams connectivity
• Multi-geo: Data residency compliance

What You Can Do with SharePoint MCP Server

The MCP server transforms SharePoint's API into a natural language interface, enabling AI agents to:

Document Management

• File Operations

  • "Upload the quarterly report to the Finance team site"
  • "Find all documents modified by John in the last week"
  • "Move all 2023 invoices to the archive library"
  • "Create a folder structure for the new project"

• Version Control

  • "Show version history for the contract document"
  • "Restore the previous version of the budget spreadsheet"
  • "Compare changes between document versions"
  • "Set up approval workflow for document updates"

• Metadata & Search

  • "Tag all HR documents with department metadata"
  • "Find all contracts expiring in the next 30 days"
  • "Search for documents containing 'compliance' in Legal site"
  • "Update document properties in bulk"

Lists & Data Management

• List Operations

  • "Create a task list for the marketing campaign"
  • "Add new items to the inventory tracking list"
  • "Update status column for all completed projects"
  • "Export customer list to Excel"

• Custom Columns

  • "Add a priority column to the issues list"
  • "Create lookup column linking to employees list"
  • "Set up calculated fields for project budgets"
  • "Configure choice columns with predefined options"

• Views & Filtering

  • "Create a view showing only high-priority items"
  • "Filter tasks assigned to current user"
  • "Group items by department and status"
  • "Sort documents by last modified date"

Sites & Pages

• Site Management

  • "Create a new team site for Product Development"
  • "Clone the project template site for Q2 initiative"
  • "Update site permissions for external vendors"
  • "Generate site usage analytics report"

• Page Operations

  • "Create a news post about the company update"
  • "Update the team landing page with new members"
  • "Add web parts to the department homepage"
  • "Publish draft pages after approval"

• Navigation

  • "Update site navigation with new document libraries"
  • "Create hub site navigation for all departments"
  • "Add quick links to frequently used resources"
  • "Organize site contents by categories"

Collaboration & Sharing

• Permissions Management

  • "Grant read access to external partners"
  • "Remove user access from confidential folders"
  • "Create sharing links with expiration dates"
  • "Audit who has access to sensitive documents"

• Team Collaboration

  • "Share project documents with the team"
  • "Set up co-authoring for the proposal document"
  • "Create team channel folders in SharePoint"
  • "Sync libraries to team members' OneDrive"

• External Sharing

  • "Create anonymous link for public documents"
  • "Share folder with password protection"
  • "Set up guest access for client portal"
  • "Monitor external sharing activities"

Search & Discovery

• Enterprise Search

  • "Search across all sites for budget documents"
  • "Find all presentations from last quarter"
  • "Locate documents by specific authors"
  • "Search within document contents"

• Search Configuration

  • "Create search scope for department sites"
  • "Configure search refiners for document types"
  • "Set up result sources for specific content"
  • "Customize search results ranking"

• Content Discovery

  • "Show trending documents in the organization"
  • "Find related documents based on metadata"
  • "Discover knowledge from document patterns"
  • "Identify duplicate content across sites"

Automation & Workflows

• Process Automation

  • "Create approval workflow for expense reports"
  • "Set up automatic document routing based on metadata"
  • "Trigger notifications on document changes"
  • "Automate document archival after retention period"

• Integration Workflows

  • "Sync SharePoint lists with CRM system"
  • "Create documents from form submissions"
  • "Update SharePoint when emails arrive"
  • "Generate reports from list data"

• Content Lifecycle

  • "Apply retention policies to document libraries"
  • "Set up automatic deletion for old content"
  • "Create content type policies"
  • "Manage information barriers"

Analytics & Reporting

• Usage Analytics

  • "Show most accessed documents this month"
  • "Track file download statistics"
  • "Analyze site visitor patterns"
  • "Monitor storage usage by site"

• Activity Reports

  • "Generate file activity report for audit"
  • "Show all changes made by specific users"
  • "Track external sharing activities"
  • "Create compliance reports"

• Performance Metrics

  • "Measure page load times across sites"
  • "Monitor search query performance"
  • "Track sync client statistics"
  • "Analyze API usage patterns"

Prerequisites

• Access to Cequence AI Gateway
• Microsoft 365 tenant with SharePoint
• Azure AD application registration permissions
• Global Administrator or SharePoint Administrator role

Step 1: Register Azure AD Application

Before setting up the MCP server, you need to register an application in Azure AD.

1.1 Access Azure Portal

1. Navigate to portal.azure.com
2. Sign in with your Microsoft 365 administrator account
3. Go to Azure Active Directory App registrations
4. Click New registration

1.2 Configure Application

1. Set application details:

   • Name: "AI Gateway SharePoint MCP"
   • Supported account types: Select based on your needs:
     • Single tenant (your organization only)
     • Multi-tenant (any Azure AD)
     • Multi-tenant + personal accounts

2. Redirect URI:

   • Platform: Web
   • URI:

     https://auth.aigateway.cequence.ai/v1/outbound/oauth/callback

3. Click Register

1.3 Configure API Permissions

1. Go to API permissions in your app

2. Click Add a permission

3. Select Microsoft Graph

4. Choose Delegated permissions

5. Add these permissions (see Available Scopes section for details):

   • Sites.Read.All
   • Sites.ReadWrite.All
   • Files.Read.All
   • Files.ReadWrite.All

6. Click Grant admin consent (requires admin rights)

1.4 Create Client Secret

1. Go to Certificates & secrets
2. Click New client secret
3. Add description: "AI Gateway MCP Secret"
4. Select expiration period
5. Click Add
6. Copy the secret value immediately (won't be shown again)

1.5 Note Application Details

From the Overview page, note:

• Application (client) ID
• Directory (tenant) ID
• Client secret (from previous step)

Step 2: Access AI Gateway Apps

1. Log in to your Cequence AI Gateway dashboard
2. Navigate to Apps in the left sidebar
3. You'll see the list of available third-party applications

Step 3: Find and Select SharePoint API

1. In the Apps section, browse through the Third-party category
2. Look for Microsoft 365 SharePoint or use the search function
3. Click on the SharePoint API card to view details

The SharePoint API card shows:

• Number of available endpoints
• Integration capabilities
• Quick description of functionality

Step 4: Create MCP Server

1. Click the Create MCP Server button on the SharePoint API card
2. You'll be redirected to the MCP Server creation wizard

Step 5: Configure API Endpoints

In the App Configuration step:

1. Base URL is pre-filled: https://graph.microsoft.com/v1.0
2. Select API endpoints to expose to your MCP server based on your needs
3. Click Next to proceed

Step 6: MCP Server Basic Setup

Configure your MCP server details:

1. MCP Server Name: Enter a descriptive name

   • Example: "SharePoint Document Management"
   • This name will identify your server in the dashboard

2. Description (Optional): Add details about the server's purpose

   • Example: "Enterprise document management and collaboration platform"

3. Production Mode: Toggle based on your needs

   • ON for production environments
   • OFF for development/testing

4. Click Next to continue

Step 7: Configure Authentication

This is where you'll use your Azure AD application details:

1. Authentication Type: Select OAuth 2.0

2. Fill in the OAuth configuration:

   • Authorization URL:

     https://login.microsoftonline.com/{tenant-id}/oauth2/v2.0/authorize

   • Token URL:

     https://login.microsoftonline.com/{tenant-id}/oauth2/v2.0/token

   • Client ID: Paste from Azure AD app registration
   • Client Secret: Paste from Azure AD app registration
   • Redirect URI:

     https://auth.aigateway.cequence.ai/v1/outbound/oauth/callback

3. Scopes: Select from the available SharePoint scopes (see next section)

Available SharePoint OAuth Scopes

Configure the appropriate scopes based on your application needs:

Site Access

• https://graph.microsoft.com/Sites.Read.All

  • Read items in all site collections
  • View site properties and metadata
  • Access site lists and libraries
  • Read site permissions

• https://graph.microsoft.com/Sites.ReadWrite.All

  • Create, edit, and delete items in all sites
  • Manage lists and libraries
  • Update site properties
  • Upload and modify documents

• https://graph.microsoft.com/Sites.Manage.All

  • Full control over sites
  • Create and delete sites
  • Manage site settings
  • Configure site features

• https://graph.microsoft.com/Sites.FullControl.All

  • Complete administrative control
  • Manage permissions and sharing
  • Configure security settings
  • Access all site content

File Access

• https://graph.microsoft.com/Files.Read.All

  • Read all files user can access
  • Download documents
  • View file metadata
  • Access file versions

• https://graph.microsoft.com/Files.ReadWrite.All

  • Full read/write access to files
  • Upload new files
  • Modify existing documents
  • Delete files

Taxonomy & Metadata

• https://graph.microsoft.com/TermStore.Read.All

  • Read term store data
  • Access managed metadata
  • View content types
  • Read taxonomy hierarchies

• https://graph.microsoft.com/TermStore.ReadWrite.All

  • Manage term store
  • Create and edit terms
  • Configure content types
  • Update metadata schemas

Additional Scopes

• User.Read

  • Read user profile
  • Required for authentication
  • Access basic user info

• offline_access

  • Maintain access when user offline
  • Enable refresh tokens
  • Long-term access

Recommended Scope Combinations

For Document Management:

https://graph.microsoft.com/Sites.Read.All
https://graph.microsoft.com/Sites.ReadWrite.All
https://graph.microsoft.com/Files.Read.All
https://graph.microsoft.com/Files.ReadWrite.All
https://graph.microsoft.com/User.Read
offline_access

For Site Administration:

https://graph.microsoft.com/Sites.Read.All
https://graph.microsoft.com/Sites.ReadWrite.All
https://graph.microsoft.com/Sites.Manage.All
https://graph.microsoft.com/Sites.FullControl.All
https://graph.microsoft.com/TermStore.ReadWrite.All
https://graph.microsoft.com/User.Read
offline_access

For Read-Only Access:

https://graph.microsoft.com/Sites.Read.All
https://graph.microsoft.com/Files.Read.All
https://graph.microsoft.com/User.Read

Step 8: Configure Security

Set up API protection features:

1. API Protection: Toggle ON to enable

   • Protects against bot attacks, DDoS, and threats
   • Monitors for suspicious activity
   • Rate limiting and anomaly detection

2. Protection Features (when enabled):

   • Auto-scaling protection
   • Managed infrastructure
   • Built-in monitoring
   • Zero maintenance required

3. Click Next to continue

Step 9: Choose Deployment Method

Select your deployment preference:

Option A: Deploy to Cequence Cloud (Recommended)

• Fully managed deployment
• Automatic scaling and monitoring
• Built-in high availability
• Features included:
  • Auto-scaling
  • Managed infrastructure
  • Built-in monitoring
  • Zero maintenance

Option B: Deploy with Helm Chart

• Self-managed Kubernetes deployment
• Full control over infrastructure
• Requires:
  • Kubernetes cluster
  • Helm 3.x installed
  • Container registry access

Click Next after selecting your deployment method.

Step 10: Review and Deploy

Review your MCP server configuration:

• MCP Server Name: Your chosen name
• Base URL: https://graph.microsoft.com/v1.0
• Selected Endpoints: Number of endpoints selected
• Authentication: OAuth 2.0 (Configured)
• API Protection: Enabled/Disabled
• Deployment: Cequence Cloud or Helm

Click Create & Deploy to finalize the setup.

Step 11: Post-Deployment Setup

After successful deployment:

1. Note the MCP Server URL provided

2. Test the OAuth flow:

   • Click "Test Connection"
   • You'll be redirected to Microsoft login
   • Sign in with your Microsoft 365 account
   • Grant consent for requested permissions
   • Confirm successful connection

3. Configure AI Agents:

   • The MCP server is now available for AI agent connections
   • Use the provided server URL in your AI agent configuration

Using Your SharePoint MCP Server

With Claude Desktop

1. Open Claude Desktop settings

2. Add your MCP server:

   {
     "servers": {
       "sharepoint": {
         "url": "your-mcp-server-url",
         "auth": {
           "type": "oauth2",
           "client_id": "your-client-id"
         }
       }
     }
   }

3. Start using natural language commands:

   • "Upload the budget report to the Finance team site"
   • "Find all contracts in the Legal document library"
   • "Create a new list for tracking project milestones"
   • "Share the marketing folder with external agency"
   • "Show me all documents I modified this week"

API Integration Example

// Initialize MCP client
const mcpClient = new MCPClient({
  serverUrl: 'your-mcp-server-url',
  auth: {
    type: 'oauth2',
    token: 'user-access-token'
  }
});

// List sites
const sites = await mcpClient.sharepoint.sites.list({
  search: 'team',
  top: 10
});

// Upload document
const file = await mcpClient.sharepoint.drives.uploadFile({
  driveId: 'drive-id',
  parentPath: '/General/Documents',
  fileName: 'report.pdf',
  content: fileBuffer
});

// Create list item
const listItem = await mcpClient.sharepoint.lists.createItem({
  siteId: 'site-id',
  listId: 'list-id',
  fields: {
    Title: 'New Project Task',
    AssignedTo: 'john@company.com',
    DueDate: '2025-02-15',
    Priority: 'High',
    Status: 'In Progress'
  }
});

// Search documents
const searchResults = await mcpClient.sharepoint.search.query({
  queryString: 'contract AND department:legal',
  selectProperties: ['Title', 'Author', 'LastModifiedTime'],
  rowLimit: 50,
  refiners: 'fileType,author'
});

// Create sharing link
const sharingLink = await mcpClient.sharepoint.driveItems.createLink({
  itemId: 'item-id',
  type: 'view',
  scope: 'organization',
  expirationDateTime: '2025-03-01T00:00:00Z'
});

Common Use Cases

Document Management

• Centralized document storage
• Version control and history
• Metadata tagging and search
• Automated filing and organization
• Document approval workflows

Team Collaboration

• Project site creation
• Shared workspaces
• Task and issue tracking
• Team calendars and events
• Knowledge wikis

Business Process Automation

• Form-driven workflows
• Document generation
• Approval chains
• Notification systems
• Integration with other systems

Compliance & Governance

• Retention policies
• Access auditing
• Information barriers
• eDiscovery support
• Records management

Security Best Practices

1. OAuth Security:

   • Use app-specific passwords
   • Implement conditional access
   • Enable MFA for admin accounts
   • Regular permission reviews

2. Data Protection:

   • Enable sensitivity labels
   • Configure DLP policies
   • Implement encryption
   • Monitor external sharing

3. Access Control:

   • Use security groups
   • Implement least privilege
   • Regular access reviews
   • Monitor guest access

4. Compliance:

   • Configure retention policies
   • Enable audit logging
   • Implement data governance
   • Regular compliance scans

Troubleshooting

Common Issues

1. 401 Unauthorized

   • Verify OAuth token validity
   • Check Azure AD permissions
   • Ensure admin consent granted
   • Validate tenant configuration

2. 403 Forbidden

   • Check SharePoint permissions
   • Verify site access rights
   • Ensure proper licensing
   • Review conditional access

3. 404 Not Found

   • Validate site/file paths
   • Check resource existence
   • Verify API endpoint
   • Review URL encoding

4. 429 Too Many Requests

   • Implement throttling
   • Use batch operations
   • Add retry logic
   • Monitor rate limits

Getting Help

• Documentation: AI Gateway Docs
• Support: support@cequence.ai
• Community: AI Gateway Forum
• Microsoft Docs: docs.microsoft.com/sharepoint
• Graph Explorer: developer.microsoft.com/graph/graph-explorer

---