Security Reader

Last updated: November 16, 2023
Audience: IT Staff / Technical

Users with the Security Reader Entra ID role have read-only access to all information in Entra ID as well as the ability to access Entra ID reports and audit logs. This document can not exhaustively cover how to use this role, but instead is intended as initial orientation.

More information about this role is published by Microsoft at https://docs.microsoft.com/en-us/azure/active-directory/active-directory-assign-admin-roles.

Users with this role can access information via many different methods. The table below lists the most common methods for a given type of information, separating them by the 2 primary types of access desired.

Do note that none of these methods are necessarily equivalent in terms of the information provided, so you may need to explore all possible methods and the documented capabilities to find the information desired.

Entra ID object information Entra ID audit logs & reports O365 object info O365 audit logs & reports
Interactive access
Programmatic access