| Display name | Intune Administrator | ||
|---|---|---|---|
| Id | 3a2c62db-5318-420d-8d74-23affee5d9d5 | ||
| Description | Can manage all aspects of the Intune product. | ||
| Detailed description | Users with this role have global permissions within Microsoft Intune Online, when the service is present. Additionally, this role contains the ability to manage users and devices in order to associate policy, as well as create and manage groups. | ||
| Categories | devices,identity | ||
| isPrivileged | True Privileged | ||
| EntraOps Tier Level | ControlPlane | ||
| #Resource Actions unique | 92 | ||
| #Resource Actions Operations unique | 97 | ||
| #Resource Actions privileged | 1 | ||
| #Resource Actions direct | 38 | ||
| Resource Actions inherited | True | ||
| #Resource Actions inherited | 54 | ||
| Resource Actions inherited from | Directory Readers (88d8e3e3-8f55-4a1e-953a-9b9898b8876b) | ||
| #Resource Actions overlap direct&inherited | 0 | ||
| Resource Actions overlap direct&inherited | |||
| #Resource Actions inherited to | 0 other Entra Id Roles | ||
| Resource Actions inherited to | n/a | ||
| #Resource Actions conditioned | 0 | ||
| #Resource Actions unconditioned | 92 | ||
| #NameSpaces | 7 | ||
| NameSpaces | microsoft.azure.supportTickets: 1 microsoft.cloudPC: 1 microsoft.directory: 86 microsoft.intune: 1 microsoft.office365.organizationalMessages: 1 microsoft.office365.supportTickets: 1 microsoft.office365.webPortal: 1 |
||
| Actions | allTasks: 4 create: 3 delete: 4 disable: 1 enable: 1 read: 61 restore: 1 update: 17 |
||
| Operations actionVerbs | DELETE: 8 GET: 61 n/a: 4 PATCH: 14 POST: 9 PUT: 1 |
||
| Resource Actions where Consent Policy applies | 0 | ||
| Resource Actions / Consent Policy | n/a | ||
| JSON enriched |
|
||
| JSON raw (v1.0 endpoint) |
|
||
| JSON raw (beta endpoint) |
|