EzExport Security
Overview
EzExport is designed with security and privacy in mind. The application retrieves Project Online data directly from your Microsoft tenant and converts it into CSV files entirely within your browser. This means that sensitive project data never passes through or is stored on EzExport servers.
The EzExport backend only handles user authentication and authorization — it never touches your project data. The application is hosted by Cloudflare and utilizes its global infrastructure.
User Authentication and Authorization
EzExport uses Microsoft Entra ID for user authentication and authorization. It utilizes the Authorization Code flow with PKCE. To enable client-side data access, the Hybrid SPA approach is used.
The following permission scopes are requested:
- openid — to obtain user's identity
- profile — to obtain user's profile information
- email — to obtain user's email address
- https://graph.microsoft.com/User.Read — to read user's profile from Microsoft Graph
- {pwaUrl}/ProjectWebAppReporting.Read — to read project data from Project Online for export
- {pwaUrl}/ProjectWebApp.FullControl — required to read custom field definitions from Project Online (Admin Consent Required)
More details on OpenID scopes: OpenID Connect scopes.
Admin Consent
An Azure AD Administrator can pre-authorize the EzExport application for all users in their organization by granting admin consent. This allows users to sign in without being prompted to individually approve each permission. It is also required for some permissions.
More details: Admin consent on the Microsoft identity platform.
Data Processing
Backend Data Processing
The EzExport backend only accesses the minimum user information necessary to authorize access. This includes:
- User's login name / email address
- User's display name
- Company name
- User and tenant GUIDs
Since all required information is available at the beginning of the user session, no additional data needs to be accessed afterward. Therefore, no user tokens are stored on the backend.
Some basic telemetry and exception information may be collected for service reliability. By design, this information does not include any project data.
Client-Side Data Processing
Once authenticated, the user enters their Project Online PWA URL. EzExport then acquires an access token for that SharePoint resource directly in the browser using the Hybrid SPA flow. All API calls to Project Online are made directly from the user's browser to the customer-owned Microsoft tenant — the EzExport backend is never involved.
The retrieved data is processed and converted into CSV files within the browser. The resulting files are downloaded directly to the user's local machine without passing through any EzExport servers.
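One way to check this data-flow description from the outside, as an added example that is not EzExport code: export the browser's Network tab as a HAR file during an export and audit where the requests went. The hostnames, the 4 KiB upload threshold and the sample capture are assumptions constructed for illustration.

```javascript
// Added example, not EzExport code. Hostnames and the size threshold are assumptions.
const IDENTITY_HOSTS = new Set(["login.microsoftonline.com", "graph.microsoft.com"]);
const MAX_BACKEND_UPLOAD = 4096; // bytes; assumed ceiling for auth-only backend traffic

// Decode a JWT payload without verifying it; returns null for opaque tokens.
function jwtPayload(token) {
  try {
    return JSON.parse(Buffer.from(token.split(".")[1], "base64url").toString("utf8"));
  } catch {
    return null;
  }
}

// Flag HAR entries that contradict "project data stays between browser and tenant".
function auditHar(har, pwaHost, appHost) { // pass both hosts in lower case
  const findings = [];
  for (const { request } of har.log.entries) {
    const host = new URL(request.url).hostname.toLowerCase();
    if (host === pwaHost) continue; // direct browser-to-tenant call, as described
    const auth = (request.headers || []).find(h => h.name.toLowerCase() === "authorization");
    const m = auth && /^Bearer\s+(.+)$/i.exec(auth.value);
    const aud = m ? (jwtPayload(m[1]) || {}).aud : undefined;
    let reason = null;
    if (aud && String(aud).toLowerCase().includes(pwaHost)) {
      reason = "PWA access token sent to another host";
    } else if (host === appHost) {
      if (Math.max(request.bodySize || 0, 0) > MAX_BACKEND_UPLOAD) reason = "large upload to application backend";
    } else if (!IDENTITY_HOSTS.has(host)) {
      reason = "request to unexpected host";
    }
    if (reason) findings.push({ url: request.url, reason });
  }
  return findings;
}

// Constructed sample capture: every host, path and token is made up, and the
// last three entries are planted violations to show what the audit reports.
const fakeJwt = aud => "x." + Buffer.from(JSON.stringify({ aud })).toString("base64url") + ".y";
const bearer = aud => [{ name: "Authorization", value: "Bearer " + fakeJwt(aud) }];
const PWA = "contoso.sharepoint.com", APP = "app.ezexport.example";
const sampleHar = { log: { entries: [
  { request: { url: `https://${PWA}/sites/pwa/_api/ProjectData/Projects`, headers: bearer(`https://${PWA}`), bodySize: 0 } },
  { request: { url: "https://login.microsoftonline.com/common/oauth2/v2.0/token", headers: [], bodySize: 900 } },
  { request: { url: `https://${APP}/auth/session`, headers: [], bodySize: 120 } },
  { request: { url: `https://${APP}/upload`, headers: [], bodySize: 250000 } },
  { request: { url: `https://${APP}/log`, headers: bearer(`https://${PWA}`), bodySize: 40 } },
  { request: { url: "https://tracker.example/pixel", headers: [], bodySize: -1 } },
] } };

console.log(auditHar(sampleHar, PWA, APP));
```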