Microsoft Viva

Microsoft Viva

Microsoft Viva is an employee experience platform that surfaces on websites through embedded engagement and learning modules. Scripts load content feeds and knowledge cards from Microsoft's cloud infrastructure. Sets authentication cookies for user identity and personalized workplace content delivery.

Microsoft
Part of Microsoft
Back to Vendor Library

Overview

Microsoft Viva is an employee experience platform that integrates into Microsoft 365 to deliver engagement, learning, knowledge, and workplace analytics features. When it appears on a website, it is typically powering embedded content feeds, learning modules, or knowledge cards served to authenticated employees. Viva components load from Microsoft's cloud infrastructure and require user identity for personalization.

What This Script Does

Microsoft Viva scripts load modular components from Microsoft's cloud endpoints, primarily under *.microsoft.com and *.office.com domains. The platform sets authentication cookies tied to Microsoft Entra ID (formerly Azure AD) to verify the user's identity and organizational membership. These include session tokens stored as secure, HttpOnly cookies that persist across page navigation.

Viva modules may make network requests to Microsoft Graph API endpoints to retrieve personalized content — such as learning course recommendations, engagement feed posts, or knowledge topic cards. Data collected is scoped to the authenticated user's organizational context: employee profile information, content interaction events (views, clicks, completions), and session telemetry for platform health monitoring.

No cross-site advertising cookies are set. Viva does not participate in ad networks or share data with third-party marketing platforms. The cookies and tokens it stores are strictly for maintaining authenticated sessions and delivering personalized workplace content within the organization's Microsoft 365 tenant.

Consent & Compliance

Microsoft Viva is classified as functional. Its scripts deliver workplace features that users or their organization have opted into — learning content, engagement modules, and knowledge surfaces. It does not perform advertising, behavioral profiling for marketing, or cross-site tracking.

Under the GDPR, Viva's data processing is typically governed by the organization's data processing agreement with Microsoft. The legal basis is usually legitimate interest or contract performance (the employer providing workplace tools). Individual website consent banners are less relevant because Viva is consumed by authenticated employees within an organizational context, not anonymous visitors.

Under the ePrivacy Directive, the cookies Viva sets for authentication and session management qualify as strictly necessary for the service the user has requested (accessing workplace content), which exempts them from the consent requirement under Article 5(3).

Under CCPA/CPRA, Viva does not sell or share personal information for cross-context behavioral advertising. Data processing is limited to the employer-employee relationship and Microsoft's role as a service provider under the organization's contract.

Should You Block This Without Consent?

No. Microsoft Viva operates as a functional workplace tool that requires authentication cookies to deliver its core service. Its cookies are strictly necessary for the requested functionality, and it does not perform advertising or cross-site tracking. Blocking it would break embedded employee experience features without any privacy benefit.

Visit website

Consent Categories

Functional

Also Known As

Microsoft Viva EngageViva LearningViva InsightsMicrosoft employee experienceMicrosoft 365

Industries

Computers Electronics and TechnologyProgramming and Developer Software

Tracked Domains (1)

viva.microsoft.comFunctional

Frequently Asked Questions

Does Microsoft Viva require cookie consent?

No. Microsoft Viva is an authenticated employee experience platform. Its cookies are limited to Microsoft Entra ID session tokens required for identity verification and personalized workplace content delivery. Under ePrivacy, these qualify as strictly necessary for a service the authenticated user has requested.

What data does Microsoft Viva collect?

Viva collects employee profile information, content interaction events such as video completions and learning progress, and session telemetry for platform health monitoring. Requests go to Microsoft Graph API endpoints under *.microsoft.com and *.office.com. No advertising cookies are set and no data is shared with third-party ad platforms.

How does ConsentStack treat Microsoft Viva?

ConsentStack classifies Microsoft Viva as functional. Because its authentication and session cookies are strictly necessary for the requested workplace service, ConsentStack does not block Viva scripts regardless of consent state. The vendor is disclosed in the site's consent notice without requiring user opt-in.

Other Microsoft Products

Bing Ads
Bing Ads
Microsoft Advertising (Bing Ads) is the advertising platform for search campaigns on Bing, Yahoo, and partner networks. The Universal Event Tracking (UET) tag fires on advertiser sites to record conversions and build remarketing audiences. Data flows into the Microsoft Advertising dashboard for campaign reporting and bid optimization.
Microsoft Advertising UET Tag
Microsoft Advertising UET Tag
Microsoft Advertising UET Tag is the Universal Event Tracking pixel for Microsoft's ad platform, formerly Bing Ads. The JavaScript tag fires on advertiser websites to track page views, conversions, and custom events for campaign optimization. Sets cookies to identify visitors across sessions and attribute conversions to Microsoft Search and Audience Network ad clicks.
Bing Webmaster Tools
Bing Webmaster Tools
Sets a meta tag or BingSiteAuth.xml file to confirm site ownership with Microsoft Bing. The verification asset collects no personal data; Bing then provides search performance, crawl error, and keyword analytics accessible only through authenticated Webmaster Tools dashboard sessions.
LinkedIn
LinkedIn
LinkedIn Insight Tag is a conversion tracking and audience analytics tool for LinkedIn advertising. Scripts set a first-party cookie and send page view and conversion events to LinkedIn's servers. Data supports campaign attribution, demographic reporting on site visitors, and LinkedIn retargeting audience creation.
Microsoft Azure AD
Microsoft Azure AD
Microsoft Azure AD (now Microsoft Entra ID) is a cloud identity and access management service for single sign-on and user authentication on websites. Scripts load the Microsoft Authentication Library to handle OAuth flows, display login prompts, and manage access tokens. Stores authentication cookies and session tokens to maintain user login state across visits.
Microsoft Dynamics 365
Microsoft Dynamics 365
Microsoft Dynamics 365 is a suite of CRM and ERP applications that integrates with websites through tracking scripts and embedded forms. Web tracking code captures visitor behavior, page views, and form submissions to build customer profiles and score leads. Sets cookies to identify returning visitors and attribute marketing touchpoints across sessions.
Microsoft Power Apps
Microsoft Power Apps
Microsoft Power Apps is a low-code application development platform that enables embedded business applications on websites. Scripts load custom app interfaces from Microsoft's cloud, render form controls and data views, and connect to backend data sources through Power Platform connectors. Sets session cookies to maintain application state and user authentication.
Microsoft Power Automate
Microsoft Power Automate
Microsoft Power Automate is a workflow automation platform that connects to websites through embedded triggers and action widgets. Scripts load form interfaces, approval flows, and automated process components that interact with Microsoft's cloud services. Sets session cookies to authenticate users and maintain workflow state during multi-step automated processes.
Microsoft Teams
Microsoft Teams
Microsoft Teams is a workplace communication and collaboration platform that can be embedded on websites for chat, meetings, and document sharing. Embedded widgets load from Microsoft's servers to enable real-time messaging, video calls, and file collaboration. Sets authentication and session cookies to verify participant identity and maintain connection state.
Power BI
Power BI
Power BI is Microsoft's business intelligence and data visualization platform. Its embedded scripts render interactive dashboards and reports within web pages, loading data visualizations through iframes or JavaScript APIs. Embedded reports may set authentication cookies and make requests to Microsoft's cloud services.
Xandr
Xandr
Xandr scripts serve programmatic display and video ads by placing cookies, collecting audience data, and participating in real-time bidding auctions. Scripts match visitors against audience segments and transmit behavioral data to Microsoft's advertising marketplace for targeting and measurement.

Related Vendors

Google Search
Google Search
Google Search appears on websites through the Programmable Search Engine, enabling custom site-specific search functionality. Scripts load the search widget from Google's servers to render search bars and display results within the host website. Sends search queries to Google's index and may set cookies for search personalization and query history.
Google Maps
Google Maps
Google Maps is the dominant web mapping service used for embedded maps and location features on websites. Scripts load interactive map tiles, geocoding, and Places API functionality through the Maps JavaScript API. May set cookies to remember map preferences and manage API quota.
Google
Google
Google is the dominant provider of web analytics, advertising, and infrastructure tools. Scripts like Google Analytics, Tag Manager, Ads, and reCAPTCHA collect behavioral data, manage tag firing, serve targeted ads, and detect bots. Sets persistent cookies to track users and correlate activity across sites.
Microsoft Power Apps
Microsoft Power Apps
Microsoft Power Apps is a low-code application development platform that enables embedded business applications on websites. Scripts load custom app interfaces from Microsoft's cloud, render form controls and data views, and connect to backend data sources through Power Platform connectors. Sets session cookies to maintain application state and user authentication.
Microsoft Teams
Microsoft Teams
Microsoft Teams is a workplace communication and collaboration platform that can be embedded on websites for chat, meetings, and document sharing. Embedded widgets load from Microsoft's servers to enable real-time messaging, video calls, and file collaboration. Sets authentication and session cookies to verify participant identity and maintain connection state.
Microsoft Power Automate
Microsoft Power Automate
Microsoft Power Automate is a workflow automation platform that connects to websites through embedded triggers and action widgets. Scripts load form interfaces, approval flows, and automated process components that interact with Microsoft's cloud services. Sets session cookies to authenticate users and maintain workflow state during multi-step automated processes.

Manage consent for Microsoft Viva

ConsentStack automatically detects and manages Microsoft Viva trackers so your site stays compliant with global privacy regulations.

Get started free