We have a couple of desktop support techs who are currently working to enroll computers in Intune. We are looking for a way to grant them access to Endpoint Manager with enough permissions to view and audit the list of enrolled devices. Is there a role that would allow this or does a new role need to be created or is this a can't accomplish task?
@Heimdalwk-1551 If we only want to have a user to view devices, it is suggested to create a custom role and set the permission "managed devices" to "Read".
Then configure the custom role's assignment. I add a user group in Members and all devices in Scope (Groups). 
When I use the user included in the user group to login the intune portal, I will view the devices. However, when I click on other page, it will block the access.
Hope it will give you some ideas.
If the answer is the right solution, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.
I did see this but I wasnt sure what the difference was between All Intune data Intune audit data
I just need users to be able to view the devices that are currently enrolled in Intune but i wasnt sure if the permissions would be all intune data or audit data or something else.
8 people are following this question.
