{"passport":{"unfragile":{"@version":"1.0","version":"2026-05","artifact":{"id":"awesome-microsoft-entra-id-mcp-server","slug":"microsoft-entra-id-mcp-server","name":"Microsoft Entra ID MCP Server","type":"mcp","url":"https://github.com/hieuttmmo/entraid-mcp-server","page_url":"https://unfragile.ai/microsoft-entra-id-mcp-server","categories":["mcp-servers","code-review-security"],"tags":[],"pricing":{"model":"open_source","free":true,"starting_price":null},"status":"active","verified":false},"capabilities":[{"id":"awesome-microsoft-entra-id-mcp-server__cap_0","uri":"capability://tool.use.integration.oauth.2.0.token.lifecycle.management.with.automatic.refresh","name":"oauth 2.0 token lifecycle management with automatic refresh","description":"Implements GraphAuthManager component that handles Microsoft Entra ID OAuth 2.0 authentication flows, including token acquisition, caching, and automatic refresh before expiration. Uses a facade pattern to abstract token lifecycle from resource modules, ensuring all Graph API calls execute with valid credentials without manual token management by the caller.","intents":["Set up secure authentication to Microsoft Graph API without managing token expiration manually","Ensure MCP server maintains valid credentials across long-running agent sessions","Integrate with Claude Desktop or Cursor IDE without exposing authentication complexity"],"best_for":["Teams deploying MCP servers in Claude Desktop or Cursor IDE environments","Developers building AI agents that need persistent Entra ID access without token refresh logic"],"limitations":["Requires client credentials (app ID, secret, tenant ID) stored in .env file — no interactive user login flow","Token caching is in-memory only — server restart clears cached tokens","No built-in token rotation or key management — relies on Azure app registration configuration"],"requires":["Python 3.9+","Azure app registration with client credentials (app ID and secret)","Microsoft Entra ID tenant with appropriate Graph API permissions",".env file with TENANT_ID, CLIENT_ID, CLIENT_SECRET"],"input_types":["configuration (environment variables)"],"output_types":["OAuth 2.0 bearer token (string)"],"categories":["tool-use-integration","authentication"],"confidence":0.5,"matches":0,"success_rate":0},{"id":"awesome-microsoft-entra-id-mcp-server__cap_1","uri":"capability://tool.use.integration.fastmcp.server.with.schema.based.tool.registration.and.json.rpc.orchestration","name":"fastmcp server with schema-based tool registration and json-rpc orchestration","description":"Exposes 40+ tools via FastMCP server that translates MCP JSON-RPC requests into structured Graph API calls. Each tool is registered with input/output schemas that enforce type safety and parameter validation. The server layer (server.py) acts as an orchestration hub, routing client requests to appropriate resource modules and translating responses back to MCP format.","intents":["Register Entra ID operations as callable tools in Claude Desktop or Cursor IDE","Enable AI agents to invoke identity management tasks with schema-validated parameters","Standardize tool invocation across multiple MCP-compatible clients using JSON-RPC protocol"],"best_for":["AI agent developers integrating Entra ID management into Claude or Cursor workflows","Teams building MCP servers that need structured tool registration with schema validation","Organizations standardizing on MCP for identity and access management automation"],"limitations":["Tools are synchronous only — no streaming or async tool execution support","Schema validation happens at registration time, not runtime — invalid parameters may fail at Graph API call","No built-in rate limiting or request queuing — relies on Microsoft Graph API throttling (429 responses)","Tool output is JSON-serialized — binary or large file responses not supported"],"requires":["Python 3.9+","FastMCP library (installed via pyproject.toml)","MCP-compatible client (Claude Desktop, Cursor IDE, or FastMCP CLI)","Valid GraphAuthManager instance with authenticated credentials"],"input_types":["JSON-RPC request with tool name and parameters"],"output_types":["JSON-RPC response with tool result or error"],"categories":["tool-use-integration","automation-workflow"],"confidence":0.5,"matches":0,"success_rate":0},{"id":"awesome-microsoft-entra-id-mcp-server__cap_10","uri":"capability://data.processing.analysis.device.management.and.compliance.status.discovery","name":"device management and compliance status discovery","description":"Implements device management tools that query Microsoft Graph /devices endpoint to enumerate registered and managed devices, retrieve device properties (OS, compliance status, owner), and discover device-to-user mappings. Returns structured device objects including device name, OS version, compliance state, and registered owner identity. Supports filtering by device name, owner, or compliance status for device inventory and compliance audits.","intents":["Audit device inventory and identify non-compliant devices for remediation","Discover which devices are registered to specific users for access control decisions","Track device compliance status for security policy enforcement"],"best_for":["Mobile device management (MDM) teams auditing device compliance and inventory","Security teams identifying non-compliant devices for access restriction","Developers building device inventory and compliance reporting agents"],"limitations":["Device compliance status is read-only — no remediation or policy enforcement through this tool","Device filtering is limited to name and owner — no OS or compliance status filtering in query","Device-to-user mapping is one-way (device to owner) — no user-to-devices enumeration","Device properties are limited to basic metadata — detailed MDM configuration not exposed"],"requires":["Python 3.9+","Microsoft Graph permission: Device.Read.All","Valid GraphAuthManager instance","Device name or owner ID for targeted queries"],"input_types":["device name (string)","device ID (GUID)","owner ID (GUID)"],"output_types":["device object (JSON)","device array (JSON)","compliance status (JSON)"],"categories":["data-processing-analysis","safety-moderation"],"confidence":0.5,"matches":0,"success_rate":0},{"id":"awesome-microsoft-entra-id-mcp-server__cap_11","uri":"capability://tool.use.integration.resource.module.pattern.with.domain.specific.tool.organization","name":"resource module pattern with domain-specific tool organization","description":"Implements a modular architecture where 11 resource modules (users.py, groups.py, applications.py, service_principals.py, signin_logs.py, audit_logs.py, mfa.py, conditional_access.py, password.py, devices.py, permissions.py) each encapsulate domain-specific tools and Graph API integration logic. Each module exposes tools via @mcp.tool() decorators and uses a shared GraphClient facade for HTTP requests. Enables clean separation of concerns and independent testing of identity management domains.","intents":["Organize 40+ tools into logical domains for maintainability and discoverability","Enable independent development and testing of user, group, security, and device management features","Provide a consistent pattern for adding new identity management capabilities"],"best_for":["Teams maintaining and extending the MCP server with new identity management capabilities","Developers who need to understand the codebase structure and add new tools","Organizations building custom identity management workflows on top of the MCP server"],"limitations":["Module organization is by domain, not by operation type — some cross-domain operations require multiple tool calls","No built-in module dependency management — circular dependencies possible if not carefully managed","Tool registration is declarative but requires understanding of @mcp.tool() decorator syntax","No module-level access control — all registered tools are exposed to all MCP clients"],"requires":["Python 3.9+","Understanding of FastMCP @mcp.tool() decorator pattern","Knowledge of Microsoft Graph API endpoints for the domain being extended"],"input_types":["Python module with @mcp.tool() decorated functions"],"output_types":["registered MCP tools (JSON-RPC callable)"],"categories":["tool-use-integration","automation-workflow"],"confidence":0.5,"matches":0,"success_rate":0},{"id":"awesome-microsoft-entra-id-mcp-server__cap_12","uri":"capability://tool.use.integration.graphclient.http.facade.with.error.translation.and.retry.logic","name":"graphclient http facade with error translation and retry logic","description":"Implements GraphClient utility class that wraps HTTP requests to Microsoft Graph API with automatic error handling, response parsing, and retry logic for transient failures. Translates Graph API error responses (4xx, 5xx) into structured exceptions with meaningful error messages. Handles pagination automatically for endpoints that return large result sets, enabling seamless iteration over multi-page results.","intents":["Simplify HTTP communication with Microsoft Graph API by abstracting request/response handling","Handle transient API failures automatically without requiring retry logic in each tool","Translate Graph API errors into meaningful exceptions for debugging and error reporting"],"best_for":["Developers extending the MCP server with new tools who need reliable Graph API communication","Teams that need automatic retry logic and error handling for production deployments","Builders who want to avoid implementing pagination logic for each Graph API query"],"limitations":["Retry logic is limited to transient errors (5xx) — permanent errors (4xx) fail immediately","Pagination is automatic but transparent — agents cannot control page size or iteration","Error messages are translated from Graph API responses — may lose some API-specific context","No built-in rate limiting — relies on Graph API throttling (429) to signal rate limits"],"requires":["Python 3.9+","Valid GraphAuthManager instance for token provision","HTTP client library (requests or httpx)"],"input_types":["HTTP method (GET/POST/PATCH/DELETE)","Graph API endpoint (string)","request body (JSON)"],"output_types":["parsed response (JSON)","paginated result iterator"],"categories":["tool-use-integration","automation-workflow"],"confidence":0.5,"matches":0,"success_rate":0},{"id":"awesome-microsoft-entra-id-mcp-server__cap_13","uri":"capability://tool.use.integration.mcp.client.integration.with.claude.desktop.and.cursor.ide.configuration","name":"mcp client integration with claude desktop and cursor ide configuration","description":"Provides configuration patterns and deployment instructions for integrating the MCP server with Claude Desktop (via ~/.claude/mcp.json) and Cursor IDE (via uv run on-demand execution). Enables AI agents in Claude and Cursor to invoke Entra ID tools directly through the MCP protocol. Supports persistent server mode (Claude Desktop) and on-demand execution (Cursor IDE) for different deployment scenarios.","intents":["Deploy the MCP server as a persistent capability in Claude Desktop for long-running identity management workflows","Enable Cursor IDE to invoke Entra ID tools on-demand during development and debugging","Configure MCP server connection details (host, port, authentication) for different deployment environments"],"best_for":["Teams deploying identity management automation in Claude Desktop for persistent agent workflows","Developers using Cursor IDE who need to invoke Entra ID operations during coding sessions","Organizations standardizing on MCP for AI agent integration with identity platforms"],"limitations":["Claude Desktop integration requires manual configuration of ~/.claude/mcp.json — no auto-discovery","Cursor IDE integration requires uv (Python package manager) to be installed — not compatible with pip-only environments","MCP server must be running and accessible on configured host/port — no built-in service discovery","Configuration changes require restarting Claude Desktop or Cursor IDE — no hot-reload support"],"requires":["Claude Desktop 0.1.0+ or Cursor IDE 0.1.0+","Python 3.9+ with uv package manager (for Cursor IDE)","Network access to MCP server host/port","Valid GraphAuthManager credentials configured in .env"],"input_types":["MCP configuration (JSON)","server connection details (host, port)"],"output_types":["MCP tool availability in Claude/Cursor (implicit)"],"categories":["tool-use-integration","automation-workflow"],"confidence":0.5,"matches":0,"success_rate":0},{"id":"awesome-microsoft-entra-id-mcp-server__cap_2","uri":"capability://search.retrieval.user.identity.search.and.attribute.retrieval.with.role.and.group.membership.discovery","name":"user identity search and attribute retrieval with role and group membership discovery","description":"Implements search_users, get_user_by_id, get_privileged_users, get_user_roles, and get_user_groups tools that query Microsoft Graph /users endpoint with OData filters and expand parameters. Supports searching by display name, email, or user principal name; retrieving full user profiles including job title, department, and manager; and discovering assigned roles and group memberships through transitive queries.","intents":["Find users in the tenant by name or email to identify targets for bulk operations","Retrieve complete user profiles including roles and group memberships for access reviews","Discover privileged users (Global Admins, Security Admins) for security audits"],"best_for":["Identity governance teams performing access reviews and user lifecycle audits","Security teams identifying privileged account holders and their group memberships","Developers building AI agents that need to resolve user identities before performing actions"],"limitations":["Search is case-insensitive but does not support fuzzy matching — exact substring match required","get_privileged_users returns only directory roles, not application-specific roles","Group membership queries are limited to direct memberships — transitive group nesting not fully expanded","Results are paginated at 100 items per request — large tenant queries require multiple API calls"],"requires":["Python 3.9+","Microsoft Graph permission: User.Read.All or Directory.Read.All","Valid GraphAuthManager instance","User principal name or email address for targeted queries"],"input_types":["search query (string)","user ID (GUID)","filter parameters (OData)"],"output_types":["user object (JSON)","array of users (JSON)","role array (JSON)","group array (JSON)"],"categories":["search-retrieval","data-processing-analysis"],"confidence":0.5,"matches":0,"success_rate":0},{"id":"awesome-microsoft-entra-id-mcp-server__cap_3","uri":"capability://automation.workflow.group.crud.and.membership.management.with.owner.member.role.distinction","name":"group crud and membership management with owner/member role distinction","description":"Exposes 11 tools for group lifecycle management including create_group, update_group, delete_group, add_group_member, remove_group_member, add_group_owner, remove_group_owner, and search_groups. Implements role-based membership where owners have administrative privileges over group settings and members have basic access. Uses Microsoft Graph /groups endpoint with nested /members and /owners collections.","intents":["Create and manage security groups or Microsoft 365 groups for access control","Add or remove users from groups without manual Azure Portal navigation","Assign group owners for decentralized group governance"],"best_for":["Identity governance teams automating group lifecycle and membership provisioning","Developers building self-service group management workflows for AI agents","Teams implementing access control policies that require dynamic group membership"],"limitations":["Group creation requires specifying mailNickname (must be unique) — no auto-generation","Bulk member operations (add/remove multiple users) require sequential API calls — no batch endpoint","Owner removal fails if it would leave group with zero owners — validation happens at API call time","Dynamic group membership rules not supported — only static membership management"],"requires":["Python 3.9+","Microsoft Graph permission: Group.ReadWrite.All","Valid GraphAuthManager instance","Group ID (GUID) or display name for targeted operations"],"input_types":["group display name (string)","group ID (GUID)","user ID (GUID)","group properties (JSON)"],"output_types":["group object (JSON)","array of groups (JSON)","membership status (boolean)"],"categories":["automation-workflow","data-processing-analysis"],"confidence":0.5,"matches":0,"success_rate":0},{"id":"awesome-microsoft-entra-id-mcp-server__cap_4","uri":"capability://automation.workflow.service.principal.and.application.identity.management.with.permission.discovery","name":"service principal and application identity management with permission discovery","description":"Implements tools for service principal CRUD (create, read, update, delete) and application registration management (list_applications, get_application_by_id, create_application, update_application, delete_application). Includes permission discovery tools that enumerate assigned Graph API permissions (delegated and application-scoped) and role assignments. Uses /servicePrincipals and /applications endpoints with appRoleAssignments and oauth2PermissionGrants expansion.","intents":["Create and manage service principals for daemon applications and integrations","Discover what Graph API permissions an application has been granted","Audit application registrations and their assigned roles for security compliance"],"best_for":["Security teams auditing application permissions and service principal assignments","Developers automating application registration and service principal provisioning","Teams implementing least-privilege access policies for applications"],"limitations":["Application creation does not auto-generate credentials — requires separate credential management","Permission discovery returns only currently assigned permissions, not requested permissions in manifest","Service principal deletion fails if it has active sign-in sessions — requires session termination first","No support for certificate-based authentication discovery — only client secret enumeration"],"requires":["Python 3.9+","Microsoft Graph permission: Application.ReadWrite.All","Valid GraphAuthManager instance","Application ID or service principal ID (GUID)"],"input_types":["application display name (string)","application ID (GUID)","service principal ID (GUID)"],"output_types":["application object (JSON)","service principal object (JSON)","permission array (JSON)"],"categories":["automation-workflow","safety-moderation"],"confidence":0.5,"matches":0,"success_rate":0},{"id":"awesome-microsoft-entra-id-mcp-server__cap_5","uri":"capability://search.retrieval.sign.in.log.retrieval.with.7.day.historical.window.and.filtering","name":"sign-in log retrieval with 7-day historical window and filtering","description":"Implements get_user_sign_ins tool that queries Microsoft Graph /auditLogs/signIns endpoint with date filtering and user principal name matching. Returns structured sign-in records including timestamp, client IP, device info, authentication method, and success/failure status. Supports filtering by date range (default 7 days) and user identity to enable security investigation and anomaly detection.","intents":["Investigate user sign-in patterns and identify suspicious login attempts","Retrieve sign-in history for a specific user to correlate with security incidents","Analyze authentication methods and device information for compliance audits"],"best_for":["Security operations teams investigating suspicious sign-in activity","Compliance teams auditing user access patterns for regulatory requirements","Developers building anomaly detection agents that analyze sign-in telemetry"],"limitations":["Historical window is limited to 7 days — older logs require audit log queries","Filtering is limited to user principal name and date range — no IP address or device filtering","Results are paginated at 100 items per request — large result sets require multiple API calls","Sign-in logs may have 15-30 minute latency before appearing in Graph API"],"requires":["Python 3.9+","Microsoft Graph permission: AuditLog.Read.All","Valid GraphAuthManager instance","User principal name (email) for targeted queries"],"input_types":["user principal name (string)","date range (ISO 8601 format)"],"output_types":["sign-in record array (JSON)","structured sign-in object (JSON)"],"categories":["search-retrieval","safety-moderation"],"confidence":0.5,"matches":0,"success_rate":0},{"id":"awesome-microsoft-entra-id-mcp-server__cap_6","uri":"capability://search.retrieval.audit.log.retrieval.with.30.day.historical.window.and.activity.filtering","name":"audit log retrieval with 30-day historical window and activity filtering","description":"Implements get_user_audit_logs tool that queries Microsoft Graph /auditLogs/directoryAudits endpoint with date filtering and activity type matching. Returns structured audit records including timestamp, activity type (user creation, group modification, role assignment), actor identity, target resource, and result status. Supports filtering by date range (default 30 days) and activity category for compliance and forensic investigation.","intents":["Track administrative changes to users, groups, and roles for compliance audits","Investigate who made specific changes and when for forensic analysis","Monitor for unauthorized administrative activity and policy violations"],"best_for":["Compliance and audit teams tracking administrative changes for regulatory requirements","Security teams investigating unauthorized modifications to identity resources","Developers building change tracking and forensic analysis agents"],"limitations":["Historical window is limited to 30 days — longer retention requires external archival","Activity type filtering is limited to predefined categories — custom activity types not supported","Results are paginated at 100 items per request — large result sets require multiple API calls","Audit logs may have 15-30 minute latency before appearing in Graph API"],"requires":["Python 3.9+","Microsoft Graph permission: AuditLog.Read.All","Valid GraphAuthManager instance","Date range (ISO 8601 format) for historical queries"],"input_types":["activity type (string)","date range (ISO 8601 format)","actor identity (string)"],"output_types":["audit record array (JSON)","structured audit event (JSON)"],"categories":["search-retrieval","safety-moderation"],"confidence":0.5,"matches":0,"success_rate":0},{"id":"awesome-microsoft-entra-id-mcp-server__cap_7","uri":"capability://safety.moderation.multi.factor.authentication.mfa.status.discovery.for.users.and.groups","name":"multi-factor authentication (mfa) status discovery for users and groups","description":"Implements get_user_mfa_status and get_group_mfa_status tools that query Microsoft Graph /users and /groups endpoints with authentication method expansion to determine MFA enrollment status. Returns structured MFA capability including registered authentication methods (phone, authenticator app, FIDO2 key), MFA enforcement status, and compliance with organizational MFA policies. Uses /authentication/methods endpoint for detailed method enumeration.","intents":["Identify users who have not enrolled in MFA for compliance enforcement","Audit MFA enrollment status across groups for security policy compliance","Discover which authentication methods users have registered for risk assessment"],"best_for":["Security teams enforcing MFA enrollment policies and identifying non-compliant users","Compliance teams auditing MFA adoption for regulatory requirements","Developers building MFA enforcement workflows and compliance dashboards"],"limitations":["MFA status reflects enrollment, not enforcement — does not indicate if MFA is required at sign-in","Authentication method details are limited to method type — does not include registration date or last use","Group MFA status is aggregated from member enrollment — does not reflect group-level policies","Requires User.Read.All permission — cannot query MFA status for current user only"],"requires":["Python 3.9+","Microsoft Graph permission: User.Read.All or Directory.Read.All","Valid GraphAuthManager instance","User ID (GUID) or group ID (GUID)"],"input_types":["user ID (GUID)","group ID (GUID)"],"output_types":["MFA status object (JSON)","authentication method array (JSON)"],"categories":["safety-moderation","data-processing-analysis"],"confidence":0.5,"matches":0,"success_rate":0},{"id":"awesome-microsoft-entra-id-mcp-server__cap_8","uri":"capability://safety.moderation.conditional.access.policy.retrieval.and.evaluation","name":"conditional access policy retrieval and evaluation","description":"Implements get_conditional_access_policies and get_conditional_access_policy_by_id tools that query Microsoft Graph /identity/conditionalAccess/policies endpoint. Returns structured policy definitions including conditions (user/group/app/location/device), grant controls (MFA requirement, device compliance), session controls (sign-in frequency, persistent browser), and enabled/disabled status. Supports policy enumeration and detailed policy inspection for compliance and security analysis.","intents":["Audit conditional access policies to ensure they align with security requirements","Retrieve policy details to understand what controls are applied to specific users or applications","Identify policies that may be blocking legitimate access or missing required controls"],"best_for":["Security teams auditing conditional access policies for compliance and effectiveness","Developers building policy analysis and compliance reporting agents","Teams investigating access denial issues related to conditional access rules"],"limitations":["Policy retrieval is read-only — no policy creation or modification support","Policy evaluation is static — does not simulate policy application to specific sign-in scenarios","Named locations and device filters are returned as IDs only — require separate queries to resolve names","Policy conditions are returned as structured objects — no natural language interpretation"],"requires":["Python 3.9+","Microsoft Graph permission: Policy.Read.All","Valid GraphAuthManager instance","Policy ID (GUID) for targeted queries"],"input_types":["policy ID (GUID)"],"output_types":["conditional access policy object (JSON)","policy array (JSON)"],"categories":["safety-moderation","data-processing-analysis"],"confidence":0.5,"matches":0,"success_rate":0},{"id":"awesome-microsoft-entra-id-mcp-server__cap_9","uri":"capability://automation.workflow.user.password.reset.with.direct.and.email.based.notification.options","name":"user password reset with direct and email-based notification options","description":"Implements reset_user_password_direct and related password management tools that invoke Microsoft Graph /users/{id}/authentication/passwordReset endpoint. Generates temporary passwords and optionally sends reset notifications via email. Supports both immediate password reset (direct) and user-initiated reset flows. Returns reset status and temporary password (if applicable) for credential provisioning workflows.","intents":["Reset user passwords for account recovery or onboarding workflows","Notify users of password resets via email without exposing temporary credentials in logs","Automate password reset as part of user provisioning or deprovisioning processes"],"best_for":["Identity governance teams automating user onboarding and password provisioning","Help desk automation systems that need to reset passwords programmatically","Developers building self-service password reset workflows for AI agents"],"limitations":["Temporary passwords are generated by Microsoft — cannot be customized or pre-set","Email notification requires user's email address to be configured — fails silently if email is missing","Password reset does not enforce password change on next sign-in — user can continue with temporary password","No audit trail of who initiated the reset — only that reset occurred"],"requires":["Python 3.9+","Microsoft Graph permission: UserAuthenticationMethod.ReadWrite.All","Valid GraphAuthManager instance","User ID (GUID)"],"input_types":["user ID (GUID)","notification method (email/none)"],"output_types":["password reset status (JSON)","temporary password (string)"],"categories":["automation-workflow","safety-moderation"],"confidence":0.5,"matches":0,"success_rate":0}],"trust":{"score":36,"verified":false,"data_access_risk":"high","permissions":["Python 3.9+","Azure app registration with client credentials (app ID and secret)","Microsoft Entra ID tenant with appropriate Graph API permissions",".env file with TENANT_ID, CLIENT_ID, CLIENT_SECRET","FastMCP library (installed via pyproject.toml)","MCP-compatible client (Claude Desktop, Cursor IDE, or FastMCP CLI)","Valid GraphAuthManager instance with authenticated credentials","Microsoft Graph permission: Device.Read.All","Valid GraphAuthManager instance","Device name or owner ID for targeted queries"],"failure_modes":["Requires client credentials (app ID, secret, tenant ID) stored in .env file — no interactive user login flow","Token caching is in-memory only — server restart clears cached tokens","No built-in token rotation or key management — relies on Azure app registration configuration","Tools are synchronous only — no streaming or async tool execution support","Schema validation happens at registration time, not runtime — invalid parameters may fail at Graph API call","No built-in rate limiting or request queuing — relies on Microsoft Graph API throttling (429 responses)","Tool output is JSON-serialized — binary or large file responses not supported","Device compliance status is read-only — no remediation or policy enforcement through this tool","Device filtering is limited to name and owner — no OS or compliance status filtering in query","Device-to-user mapping is one-way (device to owner) — no user-to-devices enumeration","builder identity is not verified yet","no observed match outcomes yet"],"rank_breakdown":{"adoption":0.05,"quality":0.5,"ecosystem":0.39999999999999997,"match_graph":0.25,"freshness":0.9,"weights":{"adoption":0.25,"quality":0.25,"ecosystem":0.15,"match_graph":0.23,"freshness":0.12}},"observed_outcomes":{"matches":0,"success_rate":0,"avg_confidence":0,"top_intents":[],"last_matched_at":null},"maintenance":{"status":"active","updated_at":"2026-05-24T12:16:20.442Z","last_scraped_at":"2026-05-03T14:00:15.503Z","last_commit":null},"community":{"stars":null,"forks":null,"weekly_downloads":null,"model_downloads":null,"model_likes":null}},"distribution":{"claim_url":"https://unfragile.ai/submit?claim=microsoft-entra-id-mcp-server","compare_url":"https://unfragile.ai/compare?artifact=microsoft-entra-id-mcp-server"}},"signature":"g2p2LeOphQVS+3S5OtB1uDOrMKpVO7jxb+1kvWHJLNNQ9b621UelshXjai6a3/1eVhXoXBW64YuuAnJh2p5hBg==","signedAt":"2026-06-17T03:44:29.419Z","signedBy":"unfragile.ai","version":1},"_links":{"self":"https://unfragile.ai/api/v1/passport/microsoft-entra-id-mcp-server","artifact":"https://unfragile.ai/microsoft-entra-id-mcp-server","verify":"https://unfragile.ai/api/v1/verify?slug=microsoft-entra-id-mcp-server","publicKey":"https://unfragile.ai/api/v1/trust-passport-public-key","spec":"https://unfragile.ai/trust","schema":"https://unfragile.ai/schema.json","docs":"https://unfragile.ai/docs"}}