Privacy & Information

Learn how Entra Cards handles your data and what permissions are required

Data Collection

This application uses Microsoft Entra ID for authentication and Microsoft Graph API to access user directory information.

  • Accesses your basic profile information when you sign in
  • Allows you to search for colleagues in your organization's directory
  • Generates vCard files and QR codes from publicly available directory information
  • Does not store any personal data on servers
  • Does not share your information with third parties

Permissions & Admin Consent

Entra Cards requires the following Microsoft Graph permissions to function:

Required Permissions
  • User.Read
    Allows you to sign in and lets the application read your basic profile information (name, email, photo).
  • User.Read.All
    Allows the application to read profile information, manager relationships, and direct reports of all users in your organization's directory.
Why User.Read.All?

User.Read.All is required for Entra Cards to function as a complete employee directory tool. This permission includes access to user profiles, manager relationships, and direct reports - the same information available in popular Microsoft 365 applications you use every day:

  • Microsoft Teams - People search, presence, and org chart
  • Outlook - Global Address List (GAL) search and reporting structure
  • SharePoint - People picker and organizational hierarchy
  • Delve - Organization chart and people discovery

This permission allows users to see the same information they can already access through these built-in Microsoft tools.

Admin Consent Required

User.Read.All is an administrator-consented permission. When the first user from your organization signs in to Entra Cards, an administrator must consent on behalf of the organization.

What this means:

  • The admin grants permission once for the entire organization
  • All users can then sign in and use the application without individual consent prompts
  • This is a standard security practice for organizational applications

If you're not an administrator and see a consent error, contact your IT department and ask them to grant admin consent for Entra Cards.

What We DON'T Access

  • Your emails or messages
  • Your files or documents
  • Your calendar or meetings
  • The ability to modify any data
  • Access to personal or confidential information beyond the directory

Privacy Protections Built-In

  • Read-only access - Cannot modify any directory information
  • No data storage - Information is never stored on our servers
  • Filtered results - Automatically excludes sensitive accounts (admins, service accounts, guests)
  • Legitimate business need - Employee directory access is a standard workplace requirement

vCard Export Format

Contact information exported as vCard files follows the vCard 3.0 specification (RFC 2426) and vCard 4.0 specification (RFC 6350).

For more information about the vCard format standard, see: RFC 6350 - vCard Format Specification

International Characters in Outlook

Special Characters (ø, æ, å, etc.)

Issue: If Norwegian or other international characters don't display correctly when importing vCard files into Microsoft Outlook (e.g., "Møre og Romsdal" appears as "Møre og Romsdal"), you need to configure Outlook's encoding settings.

Solution:

  1. Open Microsoft Outlook
  2. Go to FileOptionsAdvanced
  3. Click International Options
  4. Select UTF-8 for both:
    • Preferred encoding for outgoing messages
    • Preferred encoding for outgoing vCards
  5. Click OK to save
  6. Restart Outlook

Note: Despite its name, the "outgoing" encoding setting also affects how Outlook imports (incoming) vCard files.

About the Author

Simon Skotheimsvik

Senior Cloud Consultant @ CloudWay | Microsoft MVP - Microsoft Intune

Entra Cards was born from a simple idea ( once upon a time run on IIS): what if sharing contact information could be as effortless as a single click? As a cloud consultant passionate about Microsoft 365 and identity management, I wanted to explore how modern web technologies could solve everyday workplace challenges.

This project serves as both a practical tool and a learning laboratory—an experiment in building lightweight, user-friendly web solutions that leverage the power of AI, Microsoft Graph API and Entra ID. It demonstrates how incremental consent models can balance user experience with security requirements, while showcasing the possibilities of modern identity-driven applications.

Whether you're here to export a vCard, generate a QR code, or explore organizational hierarchies, I hope this tool makes your workday just a little bit easier. And if you're a fellow developer or IT professional, feel free to dive into the code and see what's under the hood!

Connect on LinkedIn Linktree Buy Me a Coffee