For enterprise managed deployment, Laycon is deployed in your tenant. Your apps, workflows, and automations run entirely under your governance. You own Azure subscription, networking, identity & access and data residency. Laycon has no access to customer data by default.
Laycon uses industry-standard OAuth 2.0 authentication with Microsoft Entra ID. Customer applications securely obtain access tokens and call APIs through Azure API Management, which enforces authentication and routes requests to your backend services.
Data Handling & Privacy
Authentication & Access Control
User Authentication
Example: If a user cannot create a customer in D365, they also cannot create one through any app.
Service Principal (SP) Authentication
Front-end support: Works for Power Apps (Microsoft-managed tokens) and React SPAs (customer-owned tokens), enforcing consistent authentication and tenant isolation.
In Summary
Your apps, workflows, and automations run entirely within your Microsoft tenant, leveraging the same enterprise-grade security you already have with Microsoft. Laycon has no access to customer data by default. It's your data, your rules, with enterprise-grade Microsoft security enforcing it end to end.
Why it's secure
How it works:
For full technical details, refer to the official Microsoft documentation:
1. Microsoft identity platform and OAuth 2.0 On-Behalf-Of flow