Assign a user to administrator roles in Azure Active Directory

This article explains how to assign an administrative role to a user in Azure Active Directory (Azure AD). For information about adding new users in your organization, see Add new users to Azure Active Directory. Added users don't have administrator permissions by default, but you can assign roles to them at any time.

Assign a role to a user

  1. Sign in to the Azure portal with an account that's a global admin or privileged role admin for the directory.

  2. Select Azure Active Directory, select Users, and then select a specific user from the list.

    Opening user management

  3. For the selected user, select Directory role, select Add role, and then pick the appropriate admin roles from the Directory roles list, such as Conditional access administrator. For more information about administrative roles, see Assigning administrator roles in Azure AD.

    Assigning a user to a role

  4. Press Select to save.

Next steps