You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: microsoft-365/lighthouse/m365-lighthouse-overview-of-permissions.md
+16-4Lines changed: 16 additions & 4 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -34,16 +34,28 @@ To use Lighthouse, you need a combination of roles assigned via RBAC and GDAP.
34
34
35
35
## Managing Lighthouse RBAC permissions in the partner tenant
36
36
37
-
Lighthouse permissions in the partner tenant are managed by assigning RBAC roles. Each role has a set of permissions that determines which data users can access and change within the partner tenant.
37
+
Lighthouse permissions in the partner tenant are managed by assigning RBAC roles. Each role has a set of permissions that determines which data users can access and change within the partner tenant. Administrators in Lighthouse should use a combination of RBAC and GDAP to provide least-privileged access to data based on the tasks each user needs to perform.
38
38
39
-
RBAC roles are managed from the Lighthouse permissions page in Lighthouse. To access the Lighthouse permissions page and manage permissions, you must be a Global Administrator in Microsoft Entra ID. To learn more, see [Manage Lighthouse RBAC permissions in Microsoft 365 Lighthouse](m365-lighthouse-manage-lighthouse-rbac-permissions.md).
39
+
RBAC roles are managed from the Lighthouse permissions page in Lighthouse. To access the Lighthouse permissions page and manage permissions, you must have one of the following roles:
40
40
41
-
There's currently only one Lighthouse RBAC role: Lighthouse Account Manager. The following table describes the Lighthouse Account Manager role.
41
+
- Global Administrator in Microsoft Entra ID
42
+
- Lighthouse Administrator in Microsoft 365 Lighthouse
42
43
43
-
| Lighthouse RBAC role | Description |
44
+
To learn more, see [Manage Lighthouse RBAC permissions in Microsoft 365 Lighthouse](m365-lighthouse-manage-lighthouse-rbac-permissions.md).
45
+
46
+
The following table provides an overview of the different RBAC roles. For a list of actions each role can perform in the partner tenant, see [Lighthouse RBAC roles and capabilities](#lighthouse-rbac-roles-and-capabilities).
47
+
48
+
| Lighthouse RBAC role | Overview |
44
49
|---|---|
50
+
| Lighthouse Administrator | Text |
51
+
| Lighthouse Operator | Text |
52
+
| Lighthouse Reader | Text |
45
53
| Lighthouse Account Manager | Provides full access to Sales Advisor pages and data across the entire partner tenant. Lighthouse Account Managers can export Sales Advisor data. |
46
54
55
+
56
+
57
+
58
+
47
59
## Lighthouse RBAC roles and capabilities
48
60
49
61
The following table describes the actions that Lighthouse Account Managers can perform in Lighthouse.
0 commit comments