Privacy & Information

Learn how Entra Cards handles your data and what permissions are required

Data Collection & Privacy

This application uses Microsoft Entra ID for authentication and Microsoft Graph API to access user directory information.

What We Access
  • Accesses your basic profile information when you sign in
  • Allows you to search for colleagues in your organization's directory
  • Generates vCard files and QR codes from publicly available directory information
What We Store

To demonstrate the application's usage and popularity, we collect minimal anonymous statistics:

  • Usage Counters: Total number of vCards downloaded, QR codes generated, and reports printed (aggregated across all organizations)
  • Organization Count: Number of unique organizations using the application (using one-way cryptographic hashes - we cannot identify which organizations)
  • No Personal Data: We do NOT store user IDs, names, emails, IP addresses, or any personally identifiable information
  • No Organizational Data: We cannot identify which organizations are using the application
  • No Activity Tracking: We do not track individual user actions or behaviors
Fully Anonymous Statistics

These statistics are displayed on the homepage to show the application's global usage. The data is aggregated, anonymous, and cannot be used to identify any individual or organization. This is similar to a website showing "10,000 downloads" - it's a simple counter with no personal information attached.

Permissions & Admin Consent

Entra Cards requires the following Microsoft Graph permissions to function:

Required Permissions
  • User.Read
    Allows you to sign in and lets the application read your basic profile information (name, email, photo).
  • User.Read.All Official Documentation
    Allows the application to read the full set of profile properties, manager relationships, and direct reports for all users in your organization. This includes: display name, job title, department, company name, office location, phone numbers (business, mobile), email addresses, profile photos, and organizational hierarchy.
Why User.Read.All?

User.Read.All is required for Entra Cards to function as a complete employee directory tool. This permission includes access to user profiles, manager relationships, and direct reports - the same information available in popular Microsoft 365 applications you use every day:

  • Microsoft Teams - People search, presence, and org chart
  • Outlook - Global Address List (GAL) search and reporting structure
  • SharePoint - People picker and organizational hierarchy
  • Delve - Organization chart and people discovery

This permission allows users to see the same information they can already access through these built-in Microsoft tools.

Admin Consent Required

User.Read.All is an administrator-consented permission. When the first user from your organization signs in to Entra Cards, an administrator must consent on behalf of the organization.

What this means:

  • The admin grants permission once for the entire organization
  • All users can then sign in and use the application without individual consent prompts
  • This is a standard security practice for organizational applications
First-Time Setup for Administrators

Are you a tenant administrator setting up Entra Cards for your organization? Use the admin consent link below to grant organization-wide permissions. This is the recommended approach to ensure all users can access the application without individual consent prompts.

Grant Admin Consent for Your Organization

Not an administrator? Contact your IT department and ask them to grant admin consent for Entra Cards using the link above, or ask them to visit this Privacy page for more information.

What We DON'T Access

  • Your emails or messages
  • Your files or documents
  • Your calendar or meetings
  • The ability to modify any data
  • Access to personal or confidential information beyond the directory

Privacy Protections Built-In

  • Read-only access - Cannot modify any directory information
  • No data storage - Information is never stored on our servers
  • Filtered results - Automatically excludes sensitive accounts (admins, service accounts, guests)
  • Legitimate business need - Employee directory access is a standard workplace requirement

vCard Export Format

Contact information exported as vCard files follows the vCard 3.0 specification (RFC 2426) and vCard 4.0 specification (RFC 6350).

For more information about the vCard format standard, see: RFC 6350 - vCard Format Specification

International Characters in Outlook

Special Characters (ø, æ, å, etc.)

Issue: If Norwegian or other international characters don't display correctly when importing vCard files into Microsoft Outlook (e.g., "Møre og Romsdal" appears as "Møre og Romsdal"), you need to configure Outlook's encoding settings.

Solution:

  1. Open Microsoft Outlook
  2. Go to FileOptionsAdvanced
  3. Click International Options
  4. Select UTF-8 for both:
    • Preferred encoding for outgoing messages
    • Preferred encoding for outgoing vCards
  5. Click OK to save
  6. Restart Outlook

Note: Despite its name, the "outgoing" encoding setting also affects how Outlook imports (incoming) vCard files.

Importing Team vCards

Multi-Contact vCard Files

Team vCard files (available on the Groups page) contain multiple contacts in a single file. This allows you to import an entire team, department, or group at once.

iOS (iPhone/iPad)
  1. Download the Team vCard file
  2. Tap Share on the downloaded file
  3. Select Contacts to open the vCard in the Contacts app
  4. You can then select which contacts to import, or import all users from the Team vCard
Outlook Mobile (Android/iOS)
  1. Send the Team vCard file to yourself as an email attachment
  2. Open the email in Outlook on your mobile phone
  3. Tap the vCard attachment to open it
  4. You can select which contacts to import, or import all users in the vCard

Tip: Team vCards are a quick way to build your contact list when joining a new team or department.

About the Author

Simon Skotheimsvik

Senior Cloud Consultant @ CloudWay | Microsoft MVP - Microsoft Intune

Entra Cards was born from a simple idea ( once upon a time run on IIS): what if sharing contact information could be as effortless as a single click? As a cloud consultant passionate about Microsoft 365 and identity management, I wanted to explore how modern web technologies could solve everyday workplace challenges that I have seen firsthand since I started my career in the late 1990s.

This project serves as both a practical tool and a learning laboratory—an experiment in building lightweight, user-friendly web solutions that leverage the power of AI, Microsoft Graph API and Entra ID. It demonstrates how incremental consent models can balance user experience with security requirements, while showcasing the possibilities of modern identity-driven applications.

Whether you're here to export a vCard, generate a QR code, or explore organizational hierarchies, I hope this tool makes your workday just a little bit easier. And if you're a fellow developer or IT professional, feel free to dive into the code and see what's under the hood!

Connect on LinkedIn Linktree Buy Me a Coffee