Privileged Identities in Azure AD – Above Global administrators
Privileged Identities in Azure AD
With this option, you can build up an Role-based Access Control (RBAC) solution on top of Azure AD roles, as well as other Microsoft online services, such as Office 365 or Microsoft Intune.
The following built-in roles can be managed using Privileged Identities in Azure AD
- Global Administrator
- Billing Administrator
- Service Administrator
- User Administrator
- Password Administrator
What does it mean to be ‘above’ a global admin?
These additional privileges are only possible for a Privileged Identity User
- They can provide just in time administrative access
- They are able to see reports about administrator access history and assignment changes
- The are able to receive alerts about access to any privileged role