Azure Global Reader not able to read Entra ID

Celine Yip 0 Reputation points
2024-03-24T14:45:44.6433333+00:00

I just got the Global Reader role for Azure, but when I try to check the detailed configuration of Entra ID (e.g. Activity logs, Users) using the Azure portal, I am not able to do it. It shows the message "Insufficient privileges to complete the operation." Would anyone know how to solve this? Thank you!


  1. Navya 20,100 Reputation points Microsoft External Staff Moderator
    2024-03-25T07:13:39.13+00:00

    Hi @Celine Yip

    Thank you for posting this in Microsoft Q&A. I understand that you are facing an issue where you are unable to view the detailed information of the Entra ID, even though you have the Global Reader role for Azure.

    We can check Activity logs in Entra ID with the help of the Global Reader role, which allows us to check activity logs. I've tried using Global Reader to see the logs in my environment, and I'm seeing them successfully.

    Please check the steps below to fix this issue:

    1. Could you please attempt to access the detailed information of the Entra ID using a different web browser?

    2. Can you confirm whether you are currently using a member account or a guest account?

    If you are using a guest account, check the settings highlighted below. When guest access is restricted, guests can view only their own user profile. Permission to view other users isn't allowed even if the guest is searching by User Principal Name or objectId.
    For your reference: Restrict guest access permissions in Microsoft Entra ID

    If you are using a member account, please refer to this post where a similar issue has been discussed: https://learn.microsoft.com/en-us/answers/questions/1622528/403-error-when-opening-microsoft-entre-id-with-own

    3. If your organization utilizes PIM, can you kindly verify whether you have acquired the eligible role or activated role?

    It may be feasible for your organization to grant global reader role eligibility through PIM. In order to activate this role, you must ensure that the necessary steps have been completed.

    Hope this helps. Do let us know if you have any further queries.

    Thanks,

    Navya.

    1 person found this answer helpful.
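
The guest/member and PIM checks from the answer above, written as an added example that is not part of the original post or of any Microsoft tooling. It assumes an administrator has already exported the user, role assignment, role eligibility and authorization policy records from Microsoft Graph; the function name `diagnose`, the finding labels and the sample data are hypothetical.

```python
# Added example. Record shapes follow Microsoft Graph (user, unifiedRoleAssignment,
# unifiedRoleEligibilitySchedule, authorizationPolicy); sample data is constructed.
GLOBAL_READER = "f2ef992c-3afb-46b9-b7cf-a126ee74c451"  # built-in role template ID
GUEST_ROLE_IDS = {  # authorizationPolicy.guestUserRoleId values
    "a0b1b346-4d3e-4e8b-98f8-753987be4970": "same access as members",
    "10dae51f-b6af-4016-8d66-8c2a99b929b3": "limited access (default)",
    "2af84b1e-32c8-42b7-82bc-daa82404023b": "restricted to own directory objects",
}
RESTRICTED = "2af84b1e-32c8-42b7-82bc-daa82404023b"


def _holds(records, principals):
    """True if any record grants Global Reader to one of the principals."""
    return any(r["roleDefinitionId"] == GLOBAL_READER and r["principalId"] in principals
               for r in records)


def diagnose(user, group_ids, assignments, eligibilities, auth_policy):
    """Return findings for steps 2 (guest vs member) and 3 (PIM) of the answer."""
    principals = {user["id"], *group_ids}  # roles can also be assigned via groups
    findings = []
    if _holds(assignments, principals):
        findings.append("role:active")
    elif _holds(eligibilities, principals):
        findings.append("role:eligible-not-activated")  # needs activation in PIM
    else:
        findings.append("role:missing")
    if user.get("userType") == "Guest":
        level = auth_policy.get("guestUserRoleId")
        findings.append("guest:" + GUEST_ROLE_IDS.get(level, "unknown level"))
        if level == RESTRICTED:
            findings.append("guest:review-restriction")
    else:
        findings.append("member")
    return findings


# Constructed sample: a guest who is only PIM-eligible, in a tenant that restricts guests.
SAMPLE_USER = {"id": "11111111-1111-1111-1111-111111111111", "userType": "Guest"}
SAMPLE_ELIGIBLE = [{"principalId": SAMPLE_USER["id"], "roleDefinitionId": GLOBAL_READER}]
SAMPLE_POLICY = {"guestUserRoleId": RESTRICTED}

if __name__ == "__main__":
    for finding in diagnose(SAMPLE_USER, [], [], SAMPLE_ELIGIBLE, SAMPLE_POLICY):
        print(finding)
```

The findings only report which of the answer's checks match the exported records; they do not decide which one is the cause of the portal error.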
