Not able to disable the user despite User Administrator role.

Shruti 1 Reputation point

I am not able to disable user even after having User Administrator role. Getting this error "Insufficient permissions to edit user properties "
I am getting the same issue when calling the graph API.

Request Body :
"AccountEnabled": false


Azure Active Directory
Azure Active Directory
An Azure enterprise identity service that provides single sign-on and multi-factor authentication.
14,891 questions
{count} votes

3 answers

Sort by: Most helpful
  1. Vasil Michev 71,626 Reputation points MVP

    Is the target user an admin one? There are certain operations you cannot perform against an admin user, as detailed here:
    Similarly, you cannot perform this operation against your own user account.

    0 comments No comments

  2. Harpreet Singh Matharoo 3,971 Reputation points Microsoft Employee

    Hello @Shruti

    The error you are receiving is expected if the user for which you are trying make this change has some kind of role assigned. To share some more insights, I would like to share that "Disable or enable user" (accountEnabled) is a sensitive property and User Administrator can only perform this action on some type of users.

    Following table shares more information about this for complete information please refer following document: Who can perform sensitive actions.


    I hope this helps to resolve your query.


    Please "Accept the answer" if the information helped you. This will help us and others in the community as well.

    0 comments No comments

  3. CarlZhao-MSFT 23,686 Reputation points

    Hi @Shruti

    If you are trying to update the account enabled attribute of a normal user, then the User Administrator role is sufficient. However, if you want to update the account enabled attribute of an administrator, you must have the Global Administrator role.



    If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".
    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

    0 comments No comments