Turn your Dynamics 365 HR Self-Service into AI-callable tools. Book leave, fetch a payslip, or clear an approval, just by asking.

Book me 3 days of annual leave next week.
Done. Apr 14–16 booked. 12 days remaining.
Built on the platforms HR already trusts
From the employee's question to the validated tool call to the confirmation in chat.

Works out of the box with Claude Desktop, Cursor, the MCP Inspector, or any custom agent that speaks the Model Context Protocol.
Every major Employee Self-Service domain in Dynamics 365 HR is exposed as a structured, validated tool the AI can call directly.
The AI layer never sees a token. Credentials and OData metadata are stripped from every response, and logs redact secrets automatically.
40+ tools spanning every major self-service domain. Each one validated, normalized, and safe to expose to AI.
Read and update employee profile, personal details, and documents.
Check balances, book annual leave, log attendance and excuses.
Retrieve payslips, raise pay requests, and manage loan applications.
Surface pending approvals and act on them: approve, reject, delegate.
Submit overtime, work-from-home and remote-work requests.
Request HR letters and file expense claims with attachments.
Raise travel requests and schooling/allowance entitlements.
Read announcements and stay on top of HR notifications.
A clean boundary between the AI and your HR data, in three deterministic steps.
The employee types a request in any MCP client: Claude, Cursor, or your own agent.
The server maps the request to a typed tool and builds a safe OData call against Dynamics 365 HR.
Tokens and OData noise are stripped; the assistant gets a clean answer and confirms the action.

Three of the most common employee asks, handled end-to-end inside the chat.
“Book me 3 days of annual leave next week.” Confirmed, balanced checked, manager notified.
Pending approvals surface inline. Approve, reject, or delegate without opening a portal.
Payslips and pay requests retrieved securely, scrubbed of any sensitive metadata.
App-level client-credentials against Microsoft Entra ID, the default for server-to-server access.
The same identity, routed through the PeopleHub gateway for centralized control.
Per-user, signed-in employee permissions via RFC 8628. No client secret required.
{
"tool": "leave.book",
"user": "amal@contoso.com",
"args": {
"type": "annual",
"from": "2026-04-14",
"to": "2026-04-16"
},
"auth": {
"token": "[REDACTED]",
"tenant": "contoso"
},
"odata": "[stripped]",
"result": "ok",
"duration_ms": 412
}"Within a month, the HR portal traffic dropped by half. Our people just ask the assistant, and it gets done."
Khalid Al-Otaibi
Head of HR Operations · Riyadh, KSA
