Give users access to the Security & Compliance Center

Tip

Did you know you can try the features in Microsoft 365 Defender for Office 365 Plan 2 for free? Use the 90-day Defender for Office 365 trial at the Microsoft 365 Defender portal trials hub. Learn about who can sign up and trial terms here.

Applies to

• Exchange Online Protection
• Microsoft Defender for Office 365 plan 1 and plan 2
• Microsoft 365 Defender

Users need to be assigned permissions in the Security & Compliance Center before they can manage any of its security or compliance features. As a global admin or member of the OrganizationManagement role group in the Security & Compliance Center, you can give these permissions to users. Users will only be able to manage the security or compliance features that you give them access to.

For more information about the different permissions you can give to users in the Security & Compliance Center, check out Permissions in the Security & Compliance Center.

What do you need to know before you begin?

• You need to be a global admin, or a member of the OrganizationManagement role group in the Security & Compliance Center, to complete the steps in this article.

• Role groups for the Security & Compliance Center might have similar names to the role groups in Exchange Online, but they're not the same.

• Role group memberships aren't shared between Exchange Online and the Security & Compliance Center.

• Delegated Access Permission (DAP) partners with Administer On Behalf Of (AOBO) permissions can't access the Security & Compliance Center.

Use the Security & Compliance Center to give another user access to the Security & Compliance Center

1. Open the Security & Compliance Center at https://protection.office.com and then go to Permissions. To go directly to the Permissions tab, open https://protection.office.com/permissions.

2. From the list of role groups, choose the role group, and then click Edit .

3. In the role group's properties page under Members, click Add and select the name of the user (or users) you want to add.

4. When you've selected all of the users you want to add to the role group, click add-> and then OK.

5. When you're finished, click Save.

Use Security & Compliance PowerShell to give another user access to the Security & Compliance Center

1. Connect to Security & Compliance PowerShell.

2. Use the following syntax:

   Add-RoleGroupMember -Identity <RoleGroup> -Member <UserIdentity>
   
   - _Identity_ is the role group.
   - _Member_ is the user or universal security group (USG). You can specify only one member at a time.
   
   This example adds MatildaS to the Organization Management role group.
   
   ```PowerShell
   Add-RoleGroupMember -Identity "Organization Management" -Member MatildaS
   

For detailed syntax and parameter issues, see Add-RoleGroupMember

How do you know this worked?

To verify that you've successfully granted access to the Security & Compliance Center, do either of the following steps:

• In the Security & Compliance Center, go to Permissions and select the role group. In the details flyout that opens, verify the members of the role group.

• In Security & Compliance PowerShell, replace <RoleGroupName> with the name of the role group, and run the following command:

  Get-RoleGroupMember -Identity "<RoleGroupName>"
  

  For detailed syntax and parameter information, see Get-RoleGroupMember.