View roles assigned to a group in Microsoft Entra ID
This section describes how the roles assigned to a group can be viewed using the Microsoft Entra admin center. Viewing groups and assigned roles are default user permissions.
Prerequisites
- Microsoft Graph PowerShell module when using PowerShell
- Admin consent when using Graph explorer for Microsoft Graph API
For more information, see Prerequisites to use PowerShell or Graph Explorer.
Microsoft Entra admin center
Tip
Steps in this article might vary slightly based on the portal you start from.
Sign in to the Microsoft Entra admin center.
Browse to Identity > Groups > All groups.
Select a role-assignable group that you are interested in.
Select Assigned roles. You can now see all the Microsoft Entra roles assigned to this group.
PowerShell
Get object ID of the group
Get-MgGroup -Filter "DisplayName eq 'Contoso_Helpdesk_Administrators'"
View role assignment to a group
Get-MgRoleManagementDirectoryRoleAssignment -Filter "PrincipalId eq '<object id of group>'"
Microsoft Graph API
Get object ID of the group
Use the Get group API to get a group.
GET https://graph.microsoft.com/v1.0/groups?$filter=displayName+eq+'Contoso_Helpdesk_Administrator'
Get role assignments to a group
Use the List unifiedRoleAssignments API to get the role assignment.
GET https://graph.microsoft.com/v1.0/roleManagement/directory/roleAssignments?$filter=principalId eq
Next steps
Feedback
https://aka.ms/ContentUserFeedback.
Kommer snart: I hele 2024 udfaser vi GitHub-problemer som feedbackmekanisme for indhold og erstatter det med et nyt feedbacksystem. Du kan få flere oplysninger under:Indsend og få vist feedback om