Security

Security is not an afterthought at Tenantrix — it is built into every product decision we make.

Your data stays in your tenant

All Tenantrix products operate entirely within your Microsoft 365 environment. We do not collect, copy, or store any of your organisational data on external servers. Your data never leaves your tenant boundary.

Least-privilege permissions

Our products request only the Microsoft Graph API permissions they strictly need. All permission scopes are documented and consent is granted by a Global Administrator at installation time, through Microsoft's standard OAuth 2.0 flow.

Microsoft Entra ID authentication

Authentication is handled entirely through Microsoft Entra ID (formerly Azure Active Directory). Users sign in with their existing Microsoft 365 credentials. Tenantrix never stores or processes passwords.

Responsible disclosure

If you have identified a potential security issue in one of our products, we ask that you report it to us responsibly before public disclosure. We take all reports seriously and will respond promptly.

Report a security issue →