This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
The Microsoft 365 Apps admin center provides modern management in the cloud for admins who deploy and manage Microsoft 365 Apps in the enterprise. This article lists the features and services available in the admin center.
You can use the following built-in Microsoft Entra roles for accessing and managing the feature:
Important
Microsoft recommends that you use roles with the fewest permissions. This helps improve security for your organization. Global Administrator is a highly privileged role that should be limited to emergency scenarios when you can't use an existing role.
| Role | Description |
|---|---|
| Office Apps Administrator (Recommended) | This role can manage Office apps cloud services, including policy and settings management, and manage the ability to select, unselect, and publish 'what's new' feature content to end-user's devices. |
| Security Administrator | This role can read security information and reports and manage configuration in Microsoft Entra ID and Office 365. |
| Global Administrator | This role can manage all aspects of Microsoft Entra ID and Microsoft services that use Microsoft Entra identities. |
Note
Global Reader is another built-in role supported by the Microsoft 365 Apps admin center, but it does not support some features like cloud update or the Modern App Settings page.
Your user must be assigned to one of the following subscription plans:
| Type | Subscription Plan |
|---|---|
| Education | |
| Business | |
| Enterprise |
Important
The following plans are not supported:
You can manage Microsoft 365 Apps on Windows with the following version requirements:
Devices running Microsoft 365 Apps require access to the following endpoints:
| Microsoft service | URLs required on allowlist |
|---|---|
| Microsoft 365 Apps admin center | |
| Office Content Delivery Network (CDN) |
Source: Microsoft 365 URLs and IP address ranges
Some features support the use of Microsoft Entra groups. For example, groups can be used to configure custom rollout waves or setup device exclusions in cloud update.
Using Microsoft Entra groups is supported under the following conditions:
Note
The Cloud Policy Service only supports user objects as the policies set apply on a user level, not device level.
Note
"Office cloud policy service" has been renamed to "Cloud Policy service for Microsoft 365." In most cases, we'll just refer to it as Cloud Policy.
Cloud Policy lets you enforce policy settings for Microsoft 365 Apps for enterprise on a user's device, even if the device isn't domain joined or otherwise managed. When a user signs into Microsoft 365 Apps for enterprise on a device, the policy settings roam to that device. You can also enforce some policy settings for Office for the web, both for users who are signed in and for users who access documents anonymously.
For more information, see Overview of Cloud Policy service for Microsoft 365.
The Office Customization Tool creates the configuration files that are used to deploy Office in large organizations. These configuration files give you more control over an Office installation: you can define which applications and languages are installed, how those applications should be updated, and application preferences. After creating the configuration files, you can use them with the Office Deployment Tool to deploy a customized version of Office.
Note
For more information, see Overview of the Office Customization Tool.
Microsoft 365 Apps health monitors reliability and performance metrics and provides custom guidance to help optimize and troubleshoot Microsoft 365 Apps on your client devices. If you're curious about application crash rate or boot time on a specific Microsoft 365 Apps version, you can see the insights within Apps Health. For more information, see Microsoft 365 Apps health.
You can use the inventory page to see information about the devices in your organization, including hardware, operating system, and the Office software running on that device. Insights about channel, version, build, and even last signed in user are available. For more information, see Overview of inventory.
You can use the security update status page in the Microsoft 365 Apps admin center to see which devices have installed the latest security updates for Office. Additionally, set a goal for your organization to achieve. For more information, see Overview of the security update status.
With cloud update, you can automatically deliver monthly Microsoft 365 Apps updates to devices on Current Channel or Monthly Enterprise Channel. The updates are automated and sourced from the Office Content Delivery Network (CDN) on the internet, which allows for maximum uptime and minimizing end user impact and interruption. For more information, see Overview of cloud update.
Update validation enables administrators to test updates on a select group of devices prior to a full rollout. This feature safeguards against update-related disruptions by monitoring key performance and stability metrics. It delivers precise insights for proactive issue resolution, empowering admins to deploy updates with assurance. If issues are detected, it pinpoints the impacted devices and apps, offering solutions such as rollback or update suspension. For more information, see Update Validation.
You can use the OneDrive sync health dashboard to check the sync status and sync app version of individual devices, monitor Known Folder Move roll out, and track sync errors. For more information, see OneDrive sync reports in the Apps Admin Center.
Training
Module
Deploy Microsoft 365 Apps for enterprise - Training
This module examines how to implement the Microsoft 365 Apps for enterprise productivity suite in both user-driven and centralized deployments.
Certification
Microsoft 365 Certified: Endpoint Administrator Associate - Certifications
Plan and execute an endpoint deployment strategy, using essential elements of modern management, co-management approaches, and Microsoft Intune integration.