Knowledge Center
Contact Support
Open Alpharun
Need help with Alpharun?
In this article
IntroductionMinimal Permissions for a Streamlined ExperienceWhy these specific permissions?Our Top Priority: Data Security and Privacy
Home

Which permissions does Alpharun require for Microsoft login?

Edited

Introduction

Alpharun offers the convenience and security of signing in with your existing Microsoft account. We understand that your organization's security and data privacy are of utmost importance. This article outlines the specific permissions Alpharun requests when you choose to use Microsoft for authentication, and how we handle your data responsibly.

Minimal Permissions for a Streamlined Experience

Alpharun adheres to the principle of least privilege, meaning we only request the minimum permissions necessary to provide our service. When you sign in with Microsoft, users will be asked to consent to the following permission:

  • User.Read: This fundamental permission allows Alpharun to:

    • Access a user's email and name

    • This permission does not grant Alpharun access to your emails, calendar, contacts, files, or other data.

In addition to User.Read, the following standard OpenID Connect permissions are part of the Microsoft sign-in process:

  • email: This allows Alpharun to view the primary email address associated with your Microsoft account.

  • openid: This is a standard scope that enables secure authentication with your Microsoft account. It's a foundational component of the sign-in process and doesn't grant access to any specific user data beyond facilitating authentication.

Why these specific permissions?

Using your Microsoft account to sign in to Alpharun creates a convenient experience for users and eliminates the need to create manage separate credentials that create new security risks.

Our Top Priority: Data Security and Privacy

Alpharun is deeply committed to protecting your data. We understand that the security of your information is paramount, and we've built our systems and practices with this principle in mind.

Our Security Posture:

  • Principle of Least Privilege: As outlined above, we only request and receive the absolute minimum data necessary for a functional and user-friendly experience through Microsoft login.

  • Secure Storage: Any data received is stored securely, using industry-standard encryption and access control measures.

  • No Unnecessary Access: We do not access or store any other data from your Microsoft account, such as your files, contacts, or calendar information.

  • SOC 2 Type 2 Compliance: Alpharun has successfully completed a SOC 2 Type 2 audit, demonstrating our commitment to robust security controls and practices. This independent assessment validates the effectiveness of our security measures in protecting customer data.

  • Trust and Transparency: We are committed to transparency about our security practices. You can find detailed information about our security posture, infrastructure, and controls at our dedicated Trust Center: https://trust.alpharun.com

Questions? Reach out to our team at support@alpharun.com.

Homepage