1. Acceptance of Terms
By accessing or using AppDashboard, you agree to comply with these Terms of Use. If you do not agree, please do not use the Service. These terms govern your use of AppDashboard specifically; other tools in the AppConfig² suite are governed by their own terms.
2. Description of Service
AppDashboard is a read-only Microsoft Entra ID tenant security analytics tool. It connects to your tenant via Microsoft Graph API using delegated, read-only permissions and renders security insights, risk scores, and application inventory data entirely within your browser. AppDashboard provides seven analytical dashboards:
- Alerts Overview: Six high-priority KPI cards surfacing the most urgent security and hygiene risks across your app registrations
- App Inventory: A searchable, filterable table of all application registrations with nine metric columns and expandable detail panels
- Security Posture: Per-application and tenant-level 0â100 security scores based on credential hygiene, permission scope, ownership coverage, and authentication configuration
- Attack Surface: Risk classification across four categories â Authentication, Credential, Privilege, and Exposure â with a ranked list of the highest-risk registrations
- Secrets & Expiry: Credential lifecycle view grouping secrets and certificates by expiry status (expired, expiring soon, valid)
- App Lifecycle: Age distribution, creation trend analysis, and ownership coverage metrics to support application hygiene reviews
- Permission Inventory: Tenant-wide catalogue of OAuth 2.0 delegated grants and application role assignments, classified by risk level
All dashboards support click-to-filter interaction and CSV export. AppDashboard performs no write operations of any kind against your Entra ID tenant.
AppDashboard is designed for security analysts, compliance officers, IT managers, and Entra ID administrators who need a consolidated, read-only view of their tenant's application security posture.
3. Read-Only Guarantee
AppDashboard holds no write permissions. It is architecturally incapable of creating, modifying, or deleting any object in your Entra ID tenant. The only Microsoft Graph permission granted is Application.Read.All (delegated), supplemented by User.Read for resolving the signed-in identity. No changes to your tenant configuration, application registrations, credentials, or consent grants can result from using AppDashboard.
4. Service Availability & Access Control
Tenant Allowlist System: AppDashboard uses a secure allowlist to control which organisation tenants can access the service. Your organisation's Entra ID tenant ID must be authorised before you can sign in.
To request access:
- Contact your IT administrator to submit a tenant access request
- Email support@appconfig.eu with your tenant ID and organisation details
- Access requests are typically processed within 1â2 business days
AppDashboard is currently in Early Access phase. Service availability may vary and scheduled maintenance periods may occur.
5. Administrator Consent & Required Permissions
AppDashboard requires a one-time administrator consent to grant the following delegated permissions:
User.Readâ read the signed-in user's profile to display identity in the UIApplication.Read.Allâ read all application registrations and service principals in the tenant to populate dashboardsopenid,profile,offline_accessâ standard OIDC scopes for authentication and silent token renewal
These are the only permissions AppDashboard will ever request. No additional scopes are requested at any point during use. Administrators are responsible for ensuring that the personnel granted access to AppDashboard are authorised to view the tenant's application inventory and security posture data.
6. User Responsibilities & Acceptable Use
Users must:
- Use AppDashboard only for authorised analytical and security review purposes within their organisation
- Comply with their organisation's IT and data classification policies when exporting CSV data from dashboards
- Not share exported data with unauthorised parties, as it may contain sensitive tenant information (application names, permission grants, credential expiry data)
- Not attempt to reverse-engineer, tamper with, or misuse the service
- Report any security vulnerabilities or unexpected behaviour promptly to support@appconfig.eu
Prohibited Uses:
- Accessing AppDashboard using credentials you are not authorised to use
- Attempting to use AppDashboard to access data outside your organisation's tenant
- Exporting and distributing tenant security data in violation of your organisation's policies or applicable law
- Using AppDashboard to facilitate unauthorised reconnaissance of another organisation's environment
7. Data Handling
AppDashboard employs sessionStorage-based, per-tab caching of Microsoft Graph API responses to power its dashboards:
- Scope: Cached data is limited to the current browser tab and is automatically discarded when the tab is closed
- No server storage: No tenant data is transmitted to or stored on AppDashboard servers
- Session isolation: Each tab maintains its own independent session; no data is shared between tabs
- CSV exports: Generated locally in your browser and saved directly to your file system â no upload occurs
Please refer to the AppDashboard Privacy Policy for full details on data handling.
8. Service Modifications & Updates
We reserve the right to:
- Modify, update, or discontinue dashboards or features with reasonable notice
- Perform scheduled maintenance that may temporarily affect service availability
- Update security measures, access controls, or the tenant allowlist as needed
Because AppDashboard is read-only, service updates cannot alter your Entra ID tenant data.
9. Limitation of Liability
The Service is provided "as is" without warranties of any kind. AppDashboard and its developers are not responsible for:
- Decisions made based on security scores, risk classifications, or dashboard metrics â these are indicators to support human review, not authoritative compliance assessments
- Inaccuracies in computed metrics resulting from Microsoft Graph API data inconsistencies or latency
- Service interruptions or unavailability
- Unauthorised access to your Entra ID environment by third parties
- Compliance violations arising from misuse of exported data
Metric Disclaimer: Security scores and risk classifications are generated algorithmically from available Graph API data. They should be reviewed in context by a qualified administrator and do not constitute a security audit or compliance certification.
10. Early Access Program
AppDashboard is currently offered as part of an Early Access Program:
- Dashboard logic, scoring models, and features may change without prior notice
- Service availability is not guaranteed during this phase
- Early access participants may be invited to provide feedback
- Transition to a paid subscription may occur with advance notice to early access participants
11. Changes to Terms
We may update these Terms of Use periodically. Users will be notified of significant updates through the application or email. Continued use of AppDashboard after such updates constitutes acceptance of the revised terms.
12. Contact & Support
For questions about these Terms of Use, tenant access requests, or technical support, contact us at support@appconfig.eu.