357 votes40 comments · Azure Active Directory » Role-based Access Control · Flag idea as inappropriate… · Admin →
Just a quick update here. We’re still actively working on support for custom roles (RBAC) across Azure AD. Stay tuned for more announcements in the next couple of months.
You can have a look at what we’ve shipped thus far (custom roles for application registration management) here – https://docs.microsoft.com/en-us/azure/active-directory/users-groups-roles/roles-custom-overview.
Azure Active Directory Team
An error occurred while saving the commentRocky Ortega commented
It looks like the current Custom Role is limited to only "Microsoft.directory/apps" but this functionality would be super helpful if you could edit the "Microsoft.directory/user" to expand the Guest Inviter role to still be able to invite guests, but not see all items in the tenant. This would be a big step forward in B2B access for external clients to invite and manage their users without seeing the host tenant.Rocky Ortega supported this idea ·