last sync: 2025-Aug-10 17:08:49 Etc/UTC

SharePoint Embedded Administrator - 1a7d78b6-429f-476b-b8eb-35fb715fffd4
Entra Id Role definition

Display name SharePoint Embedded Administrator
Id 1a7d78b6-429f-476b-b8eb-35fb715fffd4
Description Manage all aspects of SharePoint Embedded containers.
Detailed description Assign the SharePoint Embedded Administrator role to users who need to do the following tasks:
* Perform all tasks using PowerShell, Microsoft Graph API, or SharePoint admin center
* Manage, configure, and maintain SharePoint Embedded containers
* Enumerate and manage SharePoint Embedded containers
* Enumerate and manage permissions for SharePoint Embedded containers
* Manage storage of SharePoint Embedded containers in a tenant
* Assign security and compliance policies on SharePoint Embedded containers
* Apply security and compliance policies on SharePoint Embedded containers in a tenant
Categories collaboration
isPrivileged False
EntraOps Tier Level ManagementPlane
#Resource Actions unique 60
#Resource Actions Operations unique 60
#Resource Actions privileged 0
#Resource Actions direct 6
Resource Actions inherited True
#Resource Actions inherited 54
Resource Actions inherited from Directory Readers (88d8e3e3-8f55-4a1e-953a-9b9898b8876b)
#Resource Actions overlap direct&inherited 0
Resource Actions overlap direct&inherited
#Resource Actions inherited to 0 other Entra Id Roles
Resource Actions inherited to n/a
#Resource Actions conditioned 0
#Resource Actions unconditioned 60
#NameSpaces 7
NameSpaces microsoft.directory: 54
microsoft.office365.fileStorageContainers: 1
microsoft.office365.network: 1
microsoft.office365.serviceHealth: 1
microsoft.office365.supportTickets: 1
microsoft.office365.usageReports: 1
microsoft.office365.webPortal: 1
Actions allTasks: 3
read: 57
Operations actionVerbs GET: 57
n/a: 3
Resource Actions where Consent Policy applies 0
Resource Actions / Consent Policy n/a
JSON enriched
{29 items}
JSON raw (v1.0 endpoint)
GET /roleManagement/directory/roleDefinitions/{id}
{12 items
  • @odata.context: "https://graph.microsoft.com/v1.0/$metadata#roleManagement/directory/roleDefinitions/$entity",
  • id: "1a7d78b6-429f-476b-b8eb-35fb715fffd4",
  • description: "Manage all aspects of SharePoint Embedded containers.",
  • displayName: "SharePoint Embedded Administrator",
  • isBuiltIn: true,
  • isEnabled: true,
  • resourceScopes: [1 item
    • "/"
    ],
  • templateId: "1a7d78b6-429f-476b-b8eb-35fb715fffd4",
  • version: "1",
  • rolePermissions: [1 item
    • {2 items
      • allowedResourceActions: [6 items
        • "microsoft.office365.fileStorageContainers/allEntities/allProperties/allTasks",
        • "microsoft.office365.network/performance/allProperties/read",
        • "microsoft.office365.serviceHealth/allEntities/allTasks",
        • "microsoft.office365.supportTickets/allEntities/allTasks",
        • "microsoft.office365.usageReports/allEntities/allProperties/read",
        • "microsoft.office365.webPortal/allEntities/standard/read"
        ],
      • condition: null
      }
    ],
  • inheritsPermissionsFrom@odata.context: "https://graph.microsoft.com/v1.0/$metadata#roleManagement/directory/roleDefinitions('1a7d78b6-429f-476b-b8eb-35fb715fffd4')/inheritsPermissionsFrom",
  • inheritsPermissionsFrom: [1 item
    • {1 item
      • id: "88d8e3e3-8f55-4a1e-953a-9b9898b8876b"
      }
    ]
}
JSON raw (beta endpoint)
GET /roleManagement/directory/roleDefinitions/{id}
{16 items
  • @odata.context: "https://graph.microsoft.com/beta/$metadata#roleManagement/directory/roleDefinitions/$entity",
  • id: "1a7d78b6-429f-476b-b8eb-35fb715fffd4",
  • assignmentMode: "allowed",
  • categories: "collaboration",
  • description: "Manage all aspects of SharePoint Embedded containers.",
  • displayName: "SharePoint Embedded Administrator",
  • isBuiltIn: true,
  • isEnabled: true,
  • isPrivileged: false,
  • resourceScopes: [1 item
    • "/"
    ],
  • richDescription: "Assign the SharePoint Embedded Administrator role to users who need to do the following tasks: * Perform all tasks using PowerShell, Microsoft Graph API, or SharePoint admin center * Manage, configure, and maintain SharePoint Embedded containers * Enumerate and manage SharePoint Embedded containers * Enumerate and manage permissions for SharePoint Embedded containers * Manage storage of SharePoint Embedded containers in a tenant * Assign security and compliance policies on SharePoint Embedded containers * Apply security and compliance policies on SharePoint Embedded containers in a tenant",
  • templateId: "1a7d78b6-429f-476b-b8eb-35fb715fffd4",
  • version: "1",
  • rolePermissions: [1 item
    • {2 items
      • allowedResourceActions: [6 items
        • "microsoft.office365.fileStorageContainers/allEntities/allProperties/allTasks",
        • "microsoft.office365.network/performance/allProperties/read",
        • "microsoft.office365.serviceHealth/allEntities/allTasks",
        • "microsoft.office365.supportTickets/allEntities/allTasks",
        • "microsoft.office365.usageReports/allEntities/allProperties/read",
        • "microsoft.office365.webPortal/allEntities/standard/read"
        ],
      • condition: null
      }
    ],
  • inheritsPermissionsFrom@odata.context: "https://graph.microsoft.com/beta/$metadata#roleManagement/directory/roleDefinitions('1a7d78b6-429f-476b-b8eb-35fb715fffd4')/inheritsPermissionsFrom",
  • inheritsPermissionsFrom: [1 item
    • {1 item
      • id: "88d8e3e3-8f55-4a1e-953a-9b9898b8876b"
      }
    ]
}