EZ2ID relies on the users from Azure Active Directory for the address list and on Exchange Online for personal contacts which may be maintained in Microsoft Outlook.
Depending on the Office 365 tenant configuration, a user can consent to allow EZ2ID to access the contact data. Some Office 365 tenant security configurations may prevent an regular user account to allow access to the contacts in the tenant.
EZ2ID use the native Microsoft API for authentication and needs to be registered in Office 365.
The Azure Application Access Model requires to request permissions for each operation. EZ2ID. Details about enterprise applications are described in the Microsoft Docs (https://docs.microsoft.com/en-us/graph/permissions-reference#user-permissions).
After making sure users can send consent requests, EZ2ID can send a consent request.