Before You Start

Three quick steps to connect your tenant. No data leaves your browser at any point.

πŸ”

What EntraPass does

  • Reads user profiles, devices, auth methods, and CA policies via Microsoft Graph
  • Analyses passkey readiness entirely in your browser β€” no backend involved
  • Flags toxic combinations, blocking policies, and incompatible apps
πŸ”’

Security & Privacy

  • Nothing stored on servers β€” all data lives in browser memory only
  • Uses a PKCE SPA app registration in your own tenant β€” no client secrets
  • Run the cleanup script after scanning to remove the app registration
  • No external calls beyond Microsoft Graph (AI feature is opt-in)
βœ…

Prerequisites

  • A Microsoft Entra ID tenant you are authorised to scan
  • Application Developer role or higher to create an App Registration
  • Admin consent for 7 delegated Graph permissions (all read-only)