Let’s Discuss AI Agent Tool that Brings the Power of Microsoft Graph and MS Entra. As you all know that Model Context Protocol and Lokka MCP are major advancements in AI integration. They provide a unified framework that helps users fully utilize LLMs with existing tools.
Recently Microsoft announcing the MCP for Microsoft Graph in Entra. Lokka MCP is a specialized implementation of the Model Context Protocol (MCP) designed to get smooth integration with Microsoft Graph. The MCP framework provides large language models, such as Anthropic Claude and GPT-4, with a standardized method for connecting to external tools.
Lokka MCP improves this capability, providing a strong and flexible solution for Microsoft Graph. It works across different clients, so users can access it through desktop apps like VS Code or Cloud Desktop, offering flexibility in how they use it.
It also allows users to switch between different AI models, like Anthropic Claude and GPT-4, so they can choose the best one for their needs. Also, This ensures a more customized AI experience. In this post we can discuss small overview on Lokka an MCP for Microsoft Graph in Entra Lokka an MCP for Microsoft Graph in Entra.
Table of Contents
Introducing Lokka an MCP for Microsoft Graph in Entra
Above we discussed an overall view on MCP for Microsoft Graph in Entra. Merill Fernando introduced this newly enhanced Lokka as an MCP for Microsoft Graph in his vision and also explained the process of this such as installation, Creating an Entra app for Lokka etc.
- Lokka MCP operates through a smooth and effective process to manage user requests.
- In the case of Lokka, the user sends a query or command through a compatible client, like VS Code or Cloud Desktop.
- The input is then sent to a language model, such as Anthropic Claude, which analyzes it and figures out what to do next.
| How to Install Lokka |
|---|
| To get started with Lokka, you need to create an Entra app and configure it with your AI agent, such as VS Code GitHub Copilot, Claude Desktop, or any other compatible MCP client. Before proceeding, ensure that Node.js version 16 or higher is installed on your system. If it’s already installed, you can skip this step; otherwise, you can verify the version by running node -v in the command prompt. |
- Best Guide to Restart Intune Devices Remotely using Microsoft Graph API and PowerShell
- Best Guide to Run Intune Device Query with Microsoft Graph API
- Automate Microsoft Intune Device Compliance Report using Graph API
App Registration
The first thing you need to do is you need to create an app registration, you have to get the app registration for the local MCP. So Sign into the Microsoft Entra Admin Center. Then navigate through identity > Applications In the application Option. You have to select App Registration.
- When you click on the app registration, you will get the New Registration option.
- Click on New Registration.
When you click on “New Registration,” a form will appear for you to fill out. In the “Name” field, enter “Lokka Microsoft Graph.” There’s no need to make any changes to the “Supported Accounts” section, as it is already set to “Accounts in this organizational directory only.” Once you’ve completed these steps, simply click “Register” to proceed.
API Permission
Once the registration is complete, navigate to the API Permissions section to configure the actions the app is allowed to perform. For that you have to click opn the API permission then click on the Add a permission then select the Microsoft Graph.
Begin by assigning read-only permissions, as this is a safer option for initial setup, enabling the app to access data without making changes to it. Now we can select the Application permmission other than Delegated permission. Then you have to search the permission User.read then User> User Read All.
- Click on the Add Permission
To configure the permissions, you need to click on the grant admin console for the default directory. This action will prompt a pop-up window displaying options, such as “Yes” or “No.
“The pop-up will include a description as ” Do you want to grant consent for the requested permissions for all accounts in Default Directory? This will update any existing admin consent records this application already has to match what is listed below.”
- Click on the Yes.
Need Further Assistance or Have Technical Questions?
Join the LinkedIn Page and Telegram group to get the latest step-by-step guides and news updates. Join our Meetup Page to participate in User group meetings. Also, Join the WhatsApp Community to get the latest news on Microsoft Technologies. We are there on Reddit as well.
Resource
Author
Anoop C Nair has been a Microsoft MVP from 2015 onwards for 10 consecutive years! He is a Workplace Solution Architect with more than 22+ years of experience in Workplace technologies. He is also a Blogger, Speaker, and leader of the Local User Group Community. His primary focus is on Device Management technologies like SCCM and Intune. He writes about technologies like Intune, SCCM, Windows, Cloud PC, Windows, Entra, Microsoft Security, Career, etc.