[FEATURE] Cowork: Pass environment variables to hosted MCP servers for persistent token storage (ms365 auth)

Resolved 💬 3 comments Opened Apr 9, 2026 by lucascodealvie Closed Apr 12, 2026

Problem

Hosted MCP servers in Cowork have no way to persist authentication tokens across sessions. The Cowork sandbox does not pass environment variables to MCP server processes, which means servers that rely on env vars for token cache paths lose all auth state when a session ends.

This is a blocker for scheduled automations and multi-session workflows that depend on authenticated MCP connectors like ms365 (Outlook, Calendar, OneDrive).

Specific Case: ms365 MCP Server

The Softeria ms365 MCP server (@softeria/ms-365-mcp-server) already supports persistent token storage via two environment variables:

  • MS365_MCP_TOKEN_CACHE_PATH — path to cache OAuth tokens on disk
  • MS365_MCP_SELECTED_ACCOUNT_PATH — path to persist the selected account

If Cowork passed these env vars pointing at the user's persistent workspace mount, tokens would survive between sessions automatically. No code changes needed on the server side.

Softeria has confirmed this is a Cowork platform limitation, not a server bug, and closed the issue on their end (Softeria/ms-365-mcp-server#350).

Current Behavior

  1. User authenticates ms365 via device code flow at start of session
  2. Session ends or scheduled task fires in a new session
  3. Auth tokens are gone. All ms365 tool calls fail.
  4. User must manually re-authenticate every session.

Expected Behavior

  1. User authenticates once
  2. Tokens are persisted to the workspace mount via env vars
  3. Subsequent sessions and scheduled tasks pick up existing tokens automatically
  4. Re-auth only needed when tokens expire or are revoked

Impact

  • Scheduled tasks are broken. Any automation touching Outlook (email reads, drafts, sends, calendar) fails silently until manual re-auth.
  • Multi-session workflows are painful. Users re-authenticate multiple times per day.
  • Google Calendar already persists auth across Cowork sessions natively. Requesting the same treatment for ms365.

Proposed Fix

Allow Cowork to pass user-configured environment variables to hosted MCP server processes. At minimum, support a mapping in the connector config like:

{
  "env": {
    "MS365_MCP_TOKEN_CACHE_PATH": "/workspace/.ms365/token-cache.json",
    "MS365_MCP_SELECTED_ACCOUNT_PATH": "/workspace/.ms365/selected-account.json"
  }
}

This would be a general solution that benefits any MCP server needing persistent state, not just ms365.

Related Issues

  • #34832 — Cowork MCP connectors lose auth after context compaction (open, stale)
  • #30385 — Cowork connectors lose session state between sessions (closed as not planned)
  • #35899 — Scheduled tasks cannot access MCP connectors
  • #24350 — MCP connections drop silently (closed as not planned)
  • Softeria/ms-365-mcp-server#350 — Server-side issue closed, confirmed as Cowork platform limitation

Environment

  • Platform: Anthropic Cowork (desktop app)
  • MCP Server: @softeria/ms-365-mcp-server v0.73.1
  • OS: macOS

View original on GitHub ↗

This issue has 3 comments on GitHub. Read the full discussion on GitHub ↗