Import roles to Microsoft Defender XDR Unified role-based access control (RBAC)

Applies to:


Some information in this article relates to prereleased product which may be substantially modified before it's commercially released. Microsoft makes no warranties, express or implied, with respect to the information provided here.

Import roles to Microsoft Defender XDR Unified RBAC from individual RBAC models

You can import existing roles that are maintained as part of individual supported products in Microsoft Defender XDR (for example, Microsoft Defender for Endpoint) to the Microsoft Defender XDR Unified RBAC model.

Importing roles will migrate and maintain the roles with full parity in relation to their permissions and user assignments in the Microsoft Defender XDR Unified RBAC model.


Once roles are migrated, you can modify the imported roles and change the level of permissions as needed.

The following steps guide you on how to import roles into Microsoft Defender XDR Unified RBAC:


You must be a Global Administrator or Security Administrator in Microsoft Entra ID, or have all the Authorization permissions assigned in Microsoft Defender XDR Unified RBAC to perform this task. For more information on permissions, see Permission pre-requisites.

  1. Sign in to the Microsoft Defender portal.

  2. In the navigation pane, select Permissions.

  3. Select Roles under Microsoft Defender XDR to get to the Permissions and roles page.

  4. Select Import role.

  5. Select the products you want to import roles from.

    Screenshot of the import workloads page

  6. Select Next to choose the roles to import. You can choose all roles or select specific roles from the list. You can always repeat the import action and import other roles at a later date.

  7. Review the roles you want to import and select Submit.

  8. A confirmation message appears and at this point you select Done.

Now that you have imported your roles you will be able to View and edit roles and activate the workloads.

For the Microsoft Defender XDR security portal to start enforcing the permissions and assignments configured in your new or imported roles, you'll need to activate the new Microsoft Defender XDR Unified RBAC model. For more information, see Activate the workloads.

Imported roles appear in the Permissions and roles list together with any custom roles you might have created. All imported roles will be marked as Imported in the description. Once you edit an imported role it will no longer be marked as Imported.


You can import roles as frequently as required. After you edit an imported role, the changes will not affect the original role where it was imported from. This means you have the option to delete an imported role and re-import the original role, if required. If you import the same role twice you will create a duplicate role.

Next steps


Do you want to learn more? Engage with the Microsoft Security community in our Tech Community: Microsoft Defender XDR Tech Community.