help to create custom role

Felipe Cunha 25 Reputation points
2024-01-17T12:11:41.19+00:00

Hello.

I'm having difficulty creating a custom role. For example, I would like to create a role with the function microsoft.directory/pendingExternalUserProfiles/standard/read but when I go to create a new function in azure, this function does not appear. I noticed that many roles do not appear in the option to create a new role Any suggestions for this case?

Azure Role-based access control
Azure Role-based access control
An Azure service that provides fine-grained access management for Azure resources, enabling you to grant users only the rights they need to perform their jobs.
879 questions
Microsoft Entra
Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
23,158 questions
0 comments No comments
{count} vote

Accepted answer
  1. Givary-MSFT 35,216 Reputation points Microsoft Employee
    2024-01-17T12:24:15.14+00:00

    @Felipe Cunha Thank you for reaching out to us, As I understand you are trying to create a custom role within Entra id/Azure AD with this permission - microsoft.directory/pendingExternalUserProfiles/standard/read - Read standard properties of external user profiles in the extended directory for Teams

    At this moment, this permission cannot be used while creating the custom role, permissions which are defined here can be used - https://learn.microsoft.com/en-us/entra/identity/role-based-access-control/custom-user-permissions

    Would request you to share your feedback on https://feedback.azure.com/d365community/search/?q=custom+role+entra+id with business justification why this permission is needed in your scenario, so that our product team can review this ask and have this permission added.

    Let me know if you have any further questions, feel free to post back.

    Please remember to "Accept Answer" if answer helped, so that others in the community facing similar issues can easily find the solution.

    0 comments No comments

1 additional answer

Sort by: Most helpful
  1. Andy David - MVP 152.1K Reputation points MVP
    2024-01-17T12:27:15.17+00:00

    Not all permissions are available for custom roles. Here is the current list you can use: https://learn.microsoft.com/en-us/entra/identity/role-based-access-control/custom-available-permissions You can provide feedback and request the ones you want here: https://feedback.azure.com/d365community/forum/22920db1-ad25-ec11-b6e6-000d3a4f0789

    0 comments No comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.