You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: articles/active-directory/roles/permissions-reference.md
+15Lines changed: 15 additions & 0 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -77,6 +77,7 @@ This article lists the Azure AD built-in roles you can assign to allow managemen
77
77
> |[Knowledge Administrator](#knowledge-administrator)| Can configure knowledge, learning, and other intelligent features. | b5a8dcf3-09d5-43a9-a639-8e29ef291470 |
78
78
> |[Knowledge Manager](#knowledge-manager)| Can organize, create, manage, and promote topics and knowledge. | 744ec460-397e-42ad-a462-8b3f9747a02c |
79
79
> |[License Administrator](#license-administrator)| Can manage product licenses on users and groups. | 4d6ac14f-3453-41d0-bef9-a3e0c569773a |
80
+
> |[Lifecycle Workflows Administrator](#lifecycle-workflows-administrator)| Create and manage all aspects of workflows and tasks associated with Lifecycle Workflows in Azure AD. | 59d46f88-662b-457b-bceb-5c3809e5908f |
80
81
> |[Message Center Privacy Reader](#message-center-privacy-reader)| Can read security messages and updates in Office 365 Message Center only. | ac16e43d-7b2d-40e0-ac05-243ff356ab5b |
81
82
> |[Message Center Reader](#message-center-reader)| Can read messages and updates for their organization in Office 365 Message Center only. | 790c1fb9-7f7d-4f88-86a1-ef1f95c05c1b |
82
83
> |[Modern Commerce User](#modern-commerce-user)| Can manage commercial purchases for a company, department or team. | d24aef57-1500-4070-84db-2666f29cf966 |
@@ -1479,6 +1480,20 @@ Users in this role can add, remove, and update license assignments on users, gro
1479
1480
> | microsoft.office365.serviceHealth/allEntities/allTasks | Read and configure Service Health in the Microsoft 365 admin center |
1480
1481
> | microsoft.office365.webPortal/allEntities/standard/read | Read basic properties on all resources in the Microsoft 365 admin center |
1481
1482
1483
+
## Lifecycle Workflows Administrator
1484
+
1485
+
Assign the Lifecycle Workflows Administrator role to users who need to do the following tasks:
1486
+
1487
+
- Create and manage all aspects of workflows and tasks associated with Lifecycle Workflows in Azure AD
1488
+
- Check the execution of scheduled workflows
1489
+
- Launch on-demand workflow runs
1490
+
- Inspect workflow execution logs
1491
+
1492
+
> [!div class="mx-tableFixed"]
1493
+
> | Actions | Description |
1494
+
> | --- | --- |
1495
+
> | microsoft.directory/lifecycleManagement/workflows/allProperties/allTasks | Manage all aspects of lifecycle management workflows and tasks in Azure AD |
1496
+
1482
1497
## Message Center Privacy Reader
1483
1498
1484
1499
Users in this role can monitor all notifications in the Message Center, including data privacy messages. Message Center Privacy Readers get email notifications including those related to data privacy and they can unsubscribe using Message Center Preferences. Only the Global Administrator and the Message Center Privacy Reader can read data privacy messages. Additionally, this role contains the ability to view groups, domains, and subscriptions. This role has no permission to view, create, or manage service requests.
0 commit comments