Privacy Policy

AppDashboard — part of the AppConfigΒ² suite

Last updated: June 6, 2026

1. Overview

AppDashboard is a 100% read-only security analytics tool for Microsoft Entra ID. It is designed with privacy as a foundational principle, not an afterthought. The application operates entirely within your browser, querying your Entra ID environment directly via Microsoft Graph API and rendering analytics locally β€” no data ever leaves your browser to AppDashboard servers.

Key Privacy Principle: AppDashboard never writes to, modifies, or deletes any data in your Entra ID tenant. All seven analytical dashboards are powered exclusively by read queries to Microsoft Graph. No tenant data is transmitted to or stored on AppDashboard infrastructure at any point.

2. Information AppDashboard Accesses

AppDashboard accesses the following information solely to compute and display analytics within your browser session. All access is read-only.

2.1 Authentication Information

  • User identity and basic profile (name, email, tenant ID) β€” used to verify access and display the signed-in user
  • Authentication tokens for Microsoft Graph API access β€” handled by MSAL.js, stored in sessionStorage per-tab, never transmitted to AppDashboard servers

Access Method: Direct browser-to-Microsoft authentication via MSAL.js with Authorization Code Flow + PKCE. No AppDashboard servers are involved in authentication.

2.2 Application Registration Data

  • Application display names, application IDs, object IDs, and creation dates
  • API permissions (delegated and application roles) granted to each registration
  • Credential metadata β€” expiry dates, key IDs, and counts of secrets and certificates (actual secret values are never returned by the Graph API and are never accessible)
  • Owner assignments and sign-in audience settings
  • Federated identity credential configurations

Access Method: Direct browser-to-Microsoft Graph API read queries using the Application.Read.All delegated permission. Data is processed in-memory within your browser tab to compute dashboard metrics.

2.3 Directory Information

  • Service principal objects corresponding to app registrations, for cross-referencing publisher and verification data
  • User profile information (name, UPN) for resolving application owner identities in the UI

Access Method: Direct browser-to-Microsoft Graph API read queries. No data is retained after your session ends.

3. Local Data Storage & Session Isolation

AppDashboard uses your browser's sessionStorage β€” not localStorage β€” to cache Graph API responses for the duration of your active browser tab session.

3.1 What Is Cached

  • Graph API responses: Application and service principal data used to render dashboard tiles and tables
  • Computed analytics: Security scores, risk classifications, and metric aggregates derived from API responses
  • Authentication state: MSAL tokens and account information, managed by the MSAL.js library
  • UI state: Active filters, selected dashboard tab, and sort preferences (within the current tab session only)

3.2 Session Isolation Guarantees

  • sessionStorage is isolated per browser tab β€” opening AppDashboard in a second tab starts a fresh session with no shared cache
  • All cached data is automatically cleared when you close the tab or browser window
  • No cached data persists across sessions or is written to localStorage
  • No cached data is transmitted to AppDashboard servers

The only exception is your theme preference (light/dark mode), which may be stored in localStorage solely for convenience across visits. This preference contains no tenant data.

4. How AppDashboard Uses Accessed Data

Data accessed via Microsoft Graph is used exclusively for the following read-only analytical purposes, all of which execute within your browser:

4.1 Alerts Overview Dashboard

Computes six high-priority KPI cards from credential expiry metadata, permission grants, and ownership status. No data is stored; metrics are recalculated on each load.

4.2 App Inventory Dashboard

Renders a searchable, filterable inventory of all application registrations in your tenant. All filtering and search operations execute client-side against cached Graph responses.

4.3 Security Posture Dashboard

Calculates a 0–100 security score per application and aggregates a tenant-level posture score based on credential hygiene, permission scope, ownership coverage, and authentication settings. Scoring logic runs entirely in your browser.

4.4 Attack Surface Dashboard

Classifies applications across four risk dimensions (Authentication, Credential, Privilege, Exposure) and surfaces the highest-risk registrations for review. No write operations are performed.

4.5 Secrets & Expiry Dashboard

Groups credential metadata by expiry bucket (expired, expiring within 30/90 days, valid) to support credential lifecycle management. Only metadata (key IDs, expiry dates, counts) is accessed β€” never actual secret values.

4.6 App Lifecycle Dashboard

Analyses registration age distributions, creation trends, and ownership patterns to support hygiene reviews. All trend computations are performed locally.

4.7 Permission Inventory Dashboard

Catalogues OAuth 2.0 permission grants and application role assignments across the tenant, classifying each by risk level. Classification logic runs client-side.

4.8 CSV Export

All dashboard tables offer CSV export. Export files are generated entirely within your browser and saved directly to your local file system. No data is transmitted to AppDashboard servers during export.

5. What AppDashboard Does Not Do

The following operations are architecturally impossible in AppDashboard because the application holds no write permissions and has no backend infrastructure that could store or forward your data:

  • Create, modify, or delete any application registrations, service principals, or directory objects
  • Create, rotate, or revoke credentials (secrets or certificates)
  • Grant or revoke API permissions or consent
  • Modify any tenant configuration
  • Transmit your tenant data to AppDashboard servers or any third party
  • Store any tenant data persistently (beyond the current tab session)
  • Track your usage with analytics or advertising services
  • Share your data with third parties for any purpose

6. Permissions Model

AppDashboard requests the minimum permissions necessary to populate its analytical dashboards. All permissions are delegated (acting on behalf of the signed-in user) and scoped to read-only operations:

  • User.Read β€” read the signed-in user's profile
  • Application.Read.All β€” read all application registrations and service principals in the tenant
  • openid, profile, offline_access β€” standard OIDC scopes for authentication and silent token renewal

No application (app-only) permissions are requested. AppDashboard cannot perform any operation that the signed-in user's own Entra ID role does not permit.

7. Data Transmission & Security

7.1 Architecture

  • AppDashboard is hosted as an Azure Static Web App β€” purely static HTML, CSS, and JavaScript with no backend compute
  • All data access occurs directly between your browser and Microsoft Graph API
  • There are no AppDashboard Azure Functions, proxies, or intermediate servers involved in data access

7.2 Encryption

  • All communication with Microsoft Graph uses HTTPS/TLS
  • MSAL.js tokens are stored in sessionStorage with browser-native security protections
  • No credentials or secrets are ever transmitted through AppDashboard infrastructure

7.3 Authentication Security

  • Authorization Code Flow with PKCE β€” no implicit flow, no client secrets embedded in the app
  • Single-tenant enforcement β€” AppDashboard validates that the authenticated tenant matches the configured tenant to prevent cross-tenant confusion
  • Per-tab session isolation via sessionStorage β€” signing out of one tab does not affect other tabs

7.4 Platform Logging

AppDashboard has no application-level logging infrastructure. Azure Static Web Apps platform may collect standard hosting telemetry (request counts, response codes, CDN metrics) that contains no tenant data. This telemetry is governed by Microsoft's privacy practices.

8. Third-Party Services

AppDashboard integrates exclusively with Microsoft services:

  • Microsoft Entra ID: Authentication and identity management (direct browser-to-Microsoft connection)
  • Microsoft Graph API: Read-only access to tenant application data (direct browser-to-Microsoft connection)
  • Azure Static Web Apps: Application hosting (static asset delivery only)

No third-party analytics, advertising, tracking, or data-sharing services are used. No data is shared with any external party other than Microsoft for the purpose of authenticating you and querying your own tenant.

9. Data Retention & Deletion

9.1 No Persistent Storage

  • AppDashboard holds no databases, file stores, or persistent caches containing tenant data
  • All tenant data is discarded when you close your browser tab
  • There is no "delete my data" process required because no tenant data is ever retained

9.2 User Control

  • Revoke AppDashboard's access at any time via Microsoft Entra Admin Center β†’ Enterprise Applications β†’ AppDashboard β†’ Permissions β†’ Revoke consent
  • Closing the browser tab immediately terminates the session and clears all cached data
  • Theme preference stored in localStorage can be cleared via browser settings

10. Compliance

10.1 GDPR

AppDashboard's architecture is inherently aligned with GDPR's data minimisation and storage limitation principles: only the data necessary to render the requested dashboard is accessed, and it is held only for the duration of the active browser session. Because no tenant data is transferred to or stored by AppDashboard, there is no cross-border transfer or data controller relationship to establish beyond what already exists between your organisation and Microsoft.

10.2 Microsoft Trust Center

AppDashboard builds on Microsoft's security and compliance infrastructure. The underlying data governance of your Entra ID environment β€” including its certifications (ISO 27001, SOC 2, etc.) β€” applies to the data AppDashboard reads via Graph API.

11. Changes to This Policy

We may update this Privacy Policy to reflect changes in AppDashboard's functionality or applicable regulations. Significant changes will be communicated through in-application notifications and updates posted on the AppDashboard landing page. Continued use after such updates constitutes acceptance of the revised policy.

12. Contact

For privacy-related questions or concerns:

EU data subjects have the right to lodge a complaint with their local supervisory authority.