How to list eligible roles in PIM assigned with a group in PIM even if the role hasn't been enabled yet.
We assign privileged roles with role-assigned groups with PIM but eligible roles.
if the user has enabled his roles on the "My Roles" page, membership is visible, if the role isn't enabled we don't see the membership.
I can list or view eligible roles if directly assigned or already enabled with PowerShell Scripts or KQL requests.
But we want to be able to list the roles that a user would enable and not only those that already have been enabled.
In another words, roles are assigned in PIM (not directly but by adding the user as member of a role-assigned group but in PIM) and we want to be able to check what a user could do and not only what "he does".
I mean how to view activable eligible roles?