MCP Graph API Integration
@ovaismehboob
MCP Server that talks to Graph API
Overview
What is MCP Graph API Integration?
An MCP server that connects to Microsoft Graph API, enabling an AI assistant to query and interact with Azure Active Directory/Entra ID resources. It includes a .NET Web API server and a Blazor WebAssembly client for AI-assisted chat about application registrations.
How to use MCP Graph API Integration?
Configure appsettings.json with Azure OpenAI endpoint and Azure AD credentials, then run dotnet run from the MCP.Server and MCP.Client directories. Use the client’s “Test Connection” and “Test Graph API” buttons to verify connectivity, then chat with the AI about Azure AD resources.
Key features of MCP Graph API Integration?
- AI-powered chat interface for Azure AD resources
- MCP function calling for structured AI queries
- Integration with Microsoft Graph API
- Authentication and permission handling
- Testing tools for Graph API connectivity
Use cases of MCP Graph API Integration?
- Querying Azure AD application registrations using natural language
- Troubleshooting Azure AD permissions with the included test scripts
- Extending AI assistants with Microsoft Graph data access
FAQ from MCP Graph API Integration
What are the prerequisites to run this server?
.NET 9.0 SDK, an Azure subscription with an Azure OpenAI Service instance, and an Azure AD app registration with the Application.Read.All permission.
How do I configure Azure OpenAI and Azure AD?
Set the AzureOpenAI section (Endpoint, DeploymentName, ApiKey) and AzureAd section (TenantId, ClientId, ClientSecret, Scopes) in appsettings.json.
What Azure AD permissions are required?
The Microsoft Graph application permission Application.Read.All must be granted and admin‑consented.
How can I test if Graph API permissions are working?
Run the included TestGraphPermissions.ps1 PowerShell script, or use the client’s “Test Graph API” button to diagnose permission issues.
What should I do if the AI reports missing permissions?
Ensure your Azure OpenAI API keys and Azure AD client secrets are valid, confirm admin consent has been granted, and check CORS settings in the server’s Program.cs if the client cannot connect.