| Display name | Privileged Role Administrator | ||
|---|---|---|---|
| Id | e8611ab8-c189-46e8-94e1-60213ab1f814 | ||
| Description | Can manage role assignments in Microsoft Entra ID, and all aspects of Privileged Identity Management. | ||
| Detailed description | Users with this role can manage role assignments in Microsoft Entra ID, as well as within Microsoft Entra Privileged Identity Management. In addition, this role allows management of all aspects of Privileged Identity Management. | ||
| Categories | identity | ||
| isPrivileged | True Privileged | ||
| EntraOps Tier Level | ControlPlane | ||
| #Resource Actions unique | 82 | ||
| #Resource Actions Operations unique | 84 | ||
| #Resource Actions privileged | 2 | ||
| #Resource Actions direct | 28 | ||
| Resource Actions inherited | True | ||
| #Resource Actions inherited | 54 | ||
| Resource Actions inherited from | Directory Readers (88d8e3e3-8f55-4a1e-953a-9b9898b8876b) | ||
| #Resource Actions overlap direct&inherited | 0 | ||
| Resource Actions overlap direct&inherited | |||
| #Resource Actions inherited to | 0 other Entra Id Roles | ||
| Resource Actions inherited to | n/a | ||
| #Resource Actions conditioned | 0 | ||
| #Resource Actions unconditioned | 82 | ||
| #NameSpaces | 2 | ||
| NameSpaces | microsoft.directory: 81 microsoft.office365.webPortal: 1 |
||
| Actions | allTasks: 9 assignLicense: 1 create: 3 delete: 3 managePermissionGrantsForAll: 1 read: 58 reprocessLicenseAssignment: 1 restore: 1 update: 5 |
||
| Operations actionVerbs | DELETE: 4 GET: 58 n/a: 10 PATCH: 4 POST: 8 |
||
| Resource Actions where Consent Policy applies | 1 | ||
| Resource Actions / Consent Policy | Resource Action: microsoft.directory/servicePrincipals/managePermissionGrantsForAll.microsoft-company-admin Consent Policy: microsoft-company-admin displayName: Company Admin Policy description:Permissions consentable by Company Administrators. includes: 2 excludes: 0 |
||
| JSON enriched |
|
||
| JSON raw (v1.0 endpoint) |
|
||
| JSON raw (beta endpoint) |
|