LicenSweepHome

Trust center

Read-only Microsoft 365 insights

LicenSweep is designed to identify license waste without modifying your Microsoft tenant.

Microsoft access

The application uses the read-only Microsoft Graph application permissions Reports.Read.All, LicenseAssignment.Read.All, and User.Read.All. It cannot remove users, assign licenses, read email content, or change tenant settings.

Authentication and roles

Dashboard users sign in through Microsoft. Owner, Administrator, and Viewer permissions are enforced by the server for every protected action.

Data handling

Traffic is encrypted with HTTPS. Application secrets are stored in AWS Secrets Manager, and tenant records are stored in Amazon DynamoDB. Full Microsoft activity reports and user-level findings are not stored persistently.

Control and revocation

An Owner can disconnect Microsoft report access in LicenSweep. A Microsoft administrator can also revoke the LicenSweep enterprise application in the Microsoft 365 admin center.

Report a concern

Email support@licensweep.com.