Permissions required to manage Entra Permissions Management

Ben Jackson 31

We have just started a 90 day trial for Entra Permissions Management and have it running successfully however I cannot establish what minimum permissions or role is required simply to work with it, view reports etc. I understand Global Admin is required for the initial onboarding but hopefully a GA isn't also required to use it day to day?

Appreciate any advice.

David Szumski 0 Reputation points

2023-07-20T23:58:01.9533333+00:00

I have just registered with an account I no longer have a mailbox that is functionable. In the past two days I have totally lost control access to my apps my devices are not in compliance with protocells I did not or would not put in place. The fact that a year and a half with my devices being managed by my company me basically have overnight been rendered useless unable to access apps OK scans are due awaiting Intune to preform? I understand the changes going on at Azure turning into Entra. I have to change permissions which I have no access to I admit I am not the sharpest tool in the box this is not of and will be dismissed as all my own ignorance and lack of knowledge

Accepted answer

Andy David - MVP 141.6K Reputation points MVP

2022-11-17T12:03:49.7+00:00

Here is a list of the least privledged role required by the task you are doing.
You can choose the role you need based on this:
https://learn.microsoft.com/en-us/azure/active-directory/roles/delegate-by-task

List of all Azure AD roles:
https://learn.microsoft.com/en-us/azure/active-directory/roles/permissions-reference
Please sign in to rate this answer.

1 person found this answer helpful.
Ben Jackson 31 Reputation points

2022-11-17T12:52:48.807+00:00

Thanks Andy, I had looked over that but didn't see anything related to Entra Permissions Management, maybe it is too new a service - just odd that this isn't detailed in the documentation https://learn.microsoft.com/en-us/azure/active-directory/cloud-infrastructure-entitlement-management/

Andy David - MVP 141.6K Reputation points MVP

2022-11-17T12:58:52.94+00:00

Ok gotcha. Yea I suspect because its not GA yet, you will need GA initially for all the tasks. Heck, its not even doing a license check haha.
Once its "prod", I suspect they will role out different reports,operator kind of roles., etc...

Ben Jackson 31 Reputation points

2022-11-17T14:16:52.617+00:00

Good point, hadn't thought of the preview aspect
Sign in to comment

Permissions required to manage Entra Permissions Management

0 additional answers