AzEntraIdRolesAdvertizer

last sync: 2025-Apr-29 17:09:03 Etc/UTC

User Administrator - fe930be7-5e62-47db-91af-98c3a49a38b1
Entra Id Role definition

Display name User Administrator
Id fe930be7-5e62-47db-91af-98c3a49a38b1
Description Can manage all aspects of users and groups, including resetting passwords for limited admins.
Detailed description Users with this role can create and manage all aspects of users and groups. Additionally, this role includes the ability to manage support tickets and monitors service health. Some restrictions apply. For example, this role does not allow deleting a global administrator. User Account administrators can change passwords for users, Helpdesk administrators, and other User Account administrators only
Categories identity
isPrivileged True Privileged
EntraOps Tier Level ControlPlane
#Resource Actions unique 109
#Resource Actions Operations unique 113
#Resource Actions privileged 9
#Resource Actions direct 55
Resource Actions inherited True
#Resource Actions inherited 54
Resource Actions inherited from Directory Readers (88d8e3e3-8f55-4a1e-953a-9b9898b8876b)
#Resource Actions overlap direct&inherited 0
Resource Actions overlap direct&inherited
#Resource Actions inherited to 0 other Entra Id Roles
Resource Actions inherited to n/a
#Resource Actions conditioned 0
#Resource Actions unconditioned 109
#NameSpaces 6
NameSpaces microsoft.azure.serviceHealth: 1
microsoft.azure.supportTickets: 1
microsoft.directory: 104
microsoft.office365.serviceHealth: 1
microsoft.office365.supportTickets: 1
microsoft.office365.webPortal: 1
Actions allTasks: 8
assignLicense: 2
create: 4
delete: 4
disable: 1
enable: 1
other: 3
read: 61
reprocessLicenseAssignment: 2
restore: 4
update: 19
Operations actionVerbs DELETE: 8
GET: 61
n/a: 8
PATCH: 16
POST: 19
PUT: 1
Resource Actions where Consent Policy applies 0
Resource Actions / Consent Policy n/a
JSON enriched
JSON raw (v1.0 endpoint)
GET /roleManagement/directory/roleDefinitions/{id}
JSON raw (beta endpoint)
GET /roleManagement/directory/roleDefinitions/{id}