Connect
Optimize
Secure
MCP Gateway
MCP Gateway
for Microsoft 365 Copilot agents
One MCP gateway to connect Microsoft 365 Copilot to 310+ enterprise SaaS apps. No auth hassle. Token-efficient by design. Security and governance built-in.
What is an MCP gateway?
An MCP gateway (also called an MCP aggregator) is a single endpoint that connects an AI agent to multiple
MCP servers via the open Model Context Protocol (opens in new tab).
Some gateways act as proxies, routing traffic to MCP servers customers operate themselves. Others provide the
underlying MCP servers as a managed service.
StackOne is the managed kind. We provide pre-built MCP servers for 310+ enterprise SaaS apps,
including ones with no official MCP server today. For each app you connect, StackOne provides the MCP protocol
layer, the SaaS API integration, action coverage, and the auth orchestration framework. Authentication is
configured per app per organization — your team registers OAuth credentials with the SaaS provider, links them
in StackOne, and end users then authorize access through that flow. Once set up, the agent reaches every
connected app through one URL, with token storage, refresh, and per-user scoping handled by StackOne.
StackOne's MCP gateway — SOC2, HIPAA, CCPA, and GDPR compliant — bundles 310+ pre-built SaaS integrations exposing 20,000+ actions, all reachable from your Microsoft 365 Copilot agent through one URL.
Act across all your apps
from inside Microsoft 365 Copilot
One MCP gateway, every enterprise SaaS your Microsoft 365 Copilot agent
could ever need to act on.
Coverage
310+ connectors.
20,000+ tested actions.
Every action is built and maintained by StackOne, tested against the live API, and updated when vendors change their endpoints.
Browse all connectors
Trust
Auth & governance,
simplified.
StackOne handles OAuth, API keys, refresh, and scopes for every connector, giving enterprise IT full control through auth configs in a multi-tenant setup.
Agent Auth
Performance
Agent context window,
managed.
Tool Discovery and Code Mode keep the Microsoft 365 Copilot agent's context lean — only relevant actions, no raw response noise. Sharper agents, lower token costs.
Tools Discovery
Security
Agent security,
built in.
Defender scans every MCP tool response for prompt injection in real time. Up to 97.44%¹ detection, 0.2% false positives. SOC2, HIPAA, CCPA, GDPR compliant.
Prompt Injection Defense¹ Jayavibhav test, 65,000 samples.
Connect the Microsoft 365 Copilot agent
to more apps in 4 steps
From auth config to first agent tool call in 5 minutes.
1
Add StackOne as an MCP server in Copilot Studio.
Open Copilot Studio → your agent → Tools → Add a tool → New tool → Model Context Protocol, paste the StackOne gateway URL, choose OAuth 2.0, and save. Available immediately to that Copilot Studio agent.
Copilot Studio → Agent → Tools → New tool
Model Context Protocol
Server name
StackOne
Server URL
https://api.stackone.com/mcp/{...}
Authentication
OAuth 2.0
Add to agent
2
Connect each SaaS integration in StackOne.
OAuth or API key per app, done once in your dashboard. Tokens stay server-side.
3
Scope agent actions.
Read-only, specific objects, or per-role exposure. Toggle from the StackOne dashboard.
Read Salesforce record (enabled)
Query Snowflake table (enabled)
Append row to Excel (enabled)
Send Outlook email (disabled)
Delete record (disabled)
4
Ask your Microsoft 365 Copilot agent in plain English.
StackOne maps your prompt to the right action in the right system. Done.
"Pull this week's closed-won Salesforce deals, cross-reference Stripe for paid invoice status, and drop a summary table in this Excel sheet — flag any closed without payment."
Microsoft 365 Copilot salesforce_list_opportunities
Completed
stripe_list_invoices
Completed
filter: account_id in [closed-won opp accounts]
status: paid OR open
result: 17 paid, 3 open ≥30 days late
Wrote 20 closed-won deals to Sheet1!A1 in this Excel workbook. 3 deals flagged for unpaid invoices ≥30 days late.
Get your Microsoft 365 Copilot agent
to do more across your stack
Cross-app workflows your Microsoft 365 Copilot agent now runs in seconds instead of click-throughs.
Email & calendar automation
> Draft an Outlook reply with this account's open HubSpot deal context and last 3 touchpoints.
Document drafting & editing
> Pull Salesforce account context into a Word proposal draft with live numbers.
Spreadsheets & reporting
> Query the warehouse via Snowflake and dump the result into an Excel pivot table.
Team collaboration & messaging
> Surface Linear sprint status in the engineering Teams channel each Monday.
Connect any Enterprise AI Agent
to the StackOne MCP Gateway
Same 310+ MCP servers. Same agent context. Pick yours.
Frequently Asked Questions
Microsoft 365 Copilot agents reach enterprise SaaS via custom MCP servers added in Copilot Studio. Open Copilot Studio → your agent → Tools → Add a tool → New tool → Model Context Protocol, paste the StackOne gateway URL, choose OAuth 2.0, and save. Available to your Copilot Studio agent and 310+ pre-built SaaS connectors are reachable through that single connection. Full walkthrough in the Microsoft Learn: Connect your agent to an MCP server docs. Requires Microsoft 365 Copilot + Copilot Studio licenses; end users need the M365 Copilot license to invoke the agent in Copilot Chat.
An MCP gateway (also called an MCP aggregator) is a single endpoint that connects an AI agent to multiple MCP servers via the Model Context Protocol. Some gateways route traffic to MCP servers customers operate themselves; others provide the MCP servers as a managed service. StackOne is the managed kind — we provide pre-built MCP servers for 310+ enterprise SaaS apps, including ones with no official MCP server today. Authentication is configured per app per organization: your team registers OAuth credentials with the SaaS provider, links them in StackOne, and end users authorize access through that flow. Once set up, the agent reaches every connected app through one URL.
Microsoft 365 Copilot agents can access enterprise SaaS like Salesforce, Workday, HubSpot, Snowflake, Linear, ServiceNow, NetSuite, Stripe, and BambooHR through the StackOne MCP gateway — 310+ pre-built connectors in total. New connectors ship continuously, and you can build custom ones with AI Integration Builder. See all connectors.
Microsoft 365 Copilot ships first-party enterprise integrations (Salesforce, ServiceNow, Workday, SAP, Adobe) plus partner agents via Copilot Studio. StackOne adds the other 310+ — every app reachable through one Custom MCP connection instead of one per app, auth managed once in the dashboard, and tool definitions loaded only when relevant to the prompt.
Credentials sit at three layers: the StackOne MCP server record (OAuth 2.0 in Copilot Studio Tools, managed by Power Platform admins), SaaS connector credentials (server-side in your StackOne dashboard), and per-user OAuth or session tokens (server-side, scoped per user). StackOne stores OAuth tokens and API keys, refreshes them automatically, and only exposes the actions you've authorized to the agent.
Skip the StackOne MCP gateway when any of these is true:
- Microsoft's first-party Copilot agents (Salesforce, ServiceNow, Workday, SAP, Adobe) already cover your apps
- You only use a handful of actions across a few apps
- You don't need multi-tenancy, per-user permissions, or per-action scoping
- Indirect prompt injection isn't a concern
- Your MCP provider already does tool discovery and server-side execution to keep the agent context lean
Connect All Your Apps to Microsoft 365 Copilot.
One MCP gateway, 310+ pre-built SaaS connectors. Set up in 5 minutes.