Discover roles in Azure AD and how to use them to delegate permissions.
Distribute identity management tasks with Azure Active Directory (Azure AD) roles.
Role-based access control allows organizations to grant admins granular permissions in one of three role categories: Azure AD-specific roles, service-specific roles, and cross-service roles.
Azure AD roles are not only a means to manage permissions to identity resources, but also a foundation to control privileged access to many Microsoft security and productivity services. Common Azure AD admin roles manage permissions for users, groups, and apps. Other service roles manage permissions to Exchange, Intune, SharePoint, Microsoft Teams, and security tools like Microsoft Cloud App Security and the Microsoft Security Center.
Manage access to Azure AD resources with Azure AD role-based access controls. Choose from a set of built-in roles or customize roles to support your business needs.