Share via

Which roles can view a user's authentication method details?

Daniel Niccoli 196 Reputation points
2023-12-13T08:40:12.7566667+00:00

If you use SSPR and MFA, your users may need to register additional authentication methods. The methods can be viewed by a Global Administrator, but normal users are denied access to these information.User's image

I know for a fact that there is at least one other role that grants access to these sensitive and personal information. I cannot find the documentation that explains what roles are granted access. I would appreciate some help finding the pages where this is documented. Thank you!

Microsoft Security Microsoft Entra Microsoft Entra ID

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. Navya 19,795 Reputation points Microsoft External Staff Moderator
    2023-12-13T12:25:13.04+00:00

    Hi@Daniel Niccoli

    Thank you for posting this in Microsoft Q&A.

    I understand that you are interested in knowing which roles can view a user's authentication method details.

    In addition to the Global administrator Privileged Authentication Administrator and Authentication Administrator roles, these roles allow for the access of sensitive and personal information. These two roles have permissions to Manage user's auth methods.
    Note: User Administrator role can view user's sensitive data in older authentication method experience not in newer authentication method. Can't manage user's auth methods except reset password.
    User's image

    Please refer below documents:
    Authentication Methods
    Who can perform sensitive actions

    Hope this helps. Do let us know if you any further queries.

    Please "Accept the answer" if the information helped you. This will help us and others in the community as well.
    Thanks,
    Navya.

    0 comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.