ai.smithery/DynamicEndpoints-m365-core-mcp

*Updated June 17th 2025** Manage your Microsoft 365 services effortlessly. Create and manage distr…

15MITai-ml

Install

Config snippet generator goes here (5 client tabs)

README

## Latest Enhancements (January 2026)

**New Identity & Security Tools:**
- **`backup_policies`** - Export Microsoft 365 policies to JSON for backup, disaster recovery, and migration
  - Conditional Access Policies, Named Locations, Authentication Strengths
  - Intune Device Compliance & Configuration Policies
  - App Protection Policies, Sensitivity Labels
  - Full JSON backup with metadata and tenant information
- **`manage_named_locations`** - Manage Conditional Access named locations
  - IP address ranges (CIDR notation) with trust settings
  - Country/region-based locations (ISO 3166-1 alpha-2 codes)
  - Create, update, delete, and list operations
- **`manage_authentication_strengths`** - View authentication strength policies
  - Built-in and custom MFA strength policies
  - Available authentication method combinations
  - Authentication method configurations
- **`manage_cross_tenant_access`** - Manage B2B collaboration settings
  - Default and partner-specific access policies
  - Inbound trust settings (MFA, compliant devices, hybrid joined)
  - B2B collaboration inbound/outbound controls
- **`manage_identity_protection`** - Monitor identity risks
  - Risk detections and risky users
  - Dismiss or confirm compromised users
  - Filter by risk level and state

**MCP SDK & Smithery Best Practices Update:**
- **Upgraded to Zod v4** for schema validation (required by @smithery/sdk@3.0.1)
- **Added OAuth 2.0 authentication infrastructure** with Azure AD/Microsoft Entra ID integration
- **Implemented DNS rebinding protection** for HTTP transport security
- **Added Smithery SDK integration** with proper module exports and configuration

**Authentication Improvements:**
- New `src/auth/` module with OAuth provider and middleware
- Bearer token extraction and validation
- Support for both OAuth and API key authentication
- Token caching and automatic refresh
- OAuth endpoints (`/oauth/authorize`, `/oauth/callback`, `/oauth/token`)

**Build & Deployment Fixes:**
- Fixed TypeScript compilation errors for Smithery deployment
- Added type declarations for `csv-writer`, `xlsx`, `handlebars` modules
- Excluded broken/backup files from TypeScript compilation
- Updated `@types/express` to v5.0.0 for Express v5 compatibility
- Fixed host header validation for production deployments

**Configuration Updates:**
- Added `smithery.config.js` for esbuild configuration
- Updated `smithery.yaml` with OAuth config section
- Added `module` field to `package.json` for Smithery compatibility
- Updated dependencies: `@smithery/sdk@^3.0.1`, `@smithery/cli@^1.6.7`

## Previous Enhancements (December 2024)

**Comprehensive Microsoft 365 Policy Management Expansion:**
- **Added 10 new policy management tools** covering all major Microsoft 365 products and services
- **30+ policy types supported** across security, compliance, governance, and productivity
- **Full lifecycle management** with create, read, update, delete, enable/disable operations
- **Enterprise-ready features** including policy assignment, targeting, and multi-location support

**New Policy Management Tools:**
- `manage_retention_policies` - Data retention across SharePoint, Exchange, Teams, OneDrive
- `manage_sensitivity_labels` - Information protection with encryption and content marking
- `manage_information_protection_policies` - Label policies and organization-wide settings
- `manage_conditional_access_policies` - Identity and access security with MFA, device compliance
- `manage_defender_policies` - Advanced threat protection (Safe Attachments, Safe Links, Anti-Phishing)
- `manage_teams_policies` - Teams governance (messaging, meetings, calling, apps)
- `manage_exchange_policies` - Email security (OWA, ActiveSync, address book policies)
- `manage_sharepoint_governance_policies` - Content and sharing governance
- `manage_security_alert_policies` - Security event monitoring and automated responses

**Policy Types Covered:**
- **Security**: Conditional Access, Defender for Office 365 (Safe Attachments/Links, Anti-Phishing/Malware/Spam)
- **Compliance**: DLP, Retention Policies, Sensitivity Labels, Information Protection
- **Governance**: SharePoint Sharing/Access Policies, Information Barriers, Retention Labels
- **Productivity**: Teams (Messaging/Meeting/Calling/App Setup), Exchange (OWA/ActiveSync/Address Book)
- **Monitoring**: Security and Compliance Alert Policies with automated notifications

**Key Features:**
- Granular control with complex conditions and rules
- Multi-location and multi-target support
- Policy assignment to users, groups, and roles
- Enable/disable functionality for testing
- Comprehensive validation with Zod schemas
- Type-safe implementations with full TypeScript support

For complete documentation, examples, and best practices, see:
- [Policy Management Implementation Guide](./POLICY_MANAGEMENT_EXPANSION_COMPLETE.md)
- [Quick Reference Guide](./POLICY_MANAGEMENT_QUICK_REFERENCE.md)

## Previous Enhancements (September 25, 2025)

**Universal