Microsoft365 MCP OAuth fails with AADSTS900971: No reply address provided

Resolved 💬 4 comments Opened Apr 28, 2026 by ssopotov-cai Closed Apr 28, 2026

Problem

Authenticating the built-in microsoft365 MCP server (https://microsoft365.mcp.claude.com/mcp) via mcp__microsoft365__authenticate fails at the Microsoft sign-in step:

AADSTS900971: No reply address provided.

Repro

  1. Call mcp__microsoft365__authenticate in Claude Code.
  2. Open the returned authorize URL in a browser and sign in with a Microsoft account.
  3. Microsoft sign-in returns the AADSTS900971 error before redirecting.

Details

  • client_id: 08ad6f98-a4f8-4635-bb8d-f1a3044760f0
  • redirect_uri (dynamic port): http://localhost:<port>/callback
  • scope: api://07c030f6-5743-41b7-ba00-0a6e85f37c17/.default offline_access openid email

The Azure AD app registration for the MCP server appears to have no reply URLs configured (or does not allow http://localhost with a dynamic port for public clients). Other MCP integrations (e.g. Atlassian) work fine in the same session.

Environment

  • Claude Code on Windows 11 (win32)
  • Model: Opus 4.7 (1M context)

View original on GitHub ↗

This issue has 4 comments on GitHub. Read the full discussion on GitHub ↗