Microsoft Entra ID · Access Reviews
Access Review Reviewer
Designated reviewer for access reviews who can approve or deny continued access. Cannot modify review settings.
Scope: Access decision making for assigned reviews only
Permissions
- Decisions - Review and make access decisions
- Decisions - Approve or deny continued access
- Review Scope - View review scope and members under review
- History - View review history for assigned reviews
- Notes - Add review notes and justifications
- Recommendations - Accept recommendations from system
- Limitation - Cannot modify review settings or scope
- Limitation - Cannot create new access reviews
Common use cases
- Manager reviews for team member access
- Application owner access reviews
- Group owner membership attestation
- Self-review for personal access
- Resource owner access certification
- Delegated access governance
Best practices
- Complete reviews before deadline
- Document removal justifications
- Use recommendations as guidance
- Review access context before deciding
- Ask for additional info when uncertain
- Consider job role when reviewing access
- Escalate questionable access patterns
Security considerations
- Review decisions affect user access
- Non-response can result in auto-removal
- Decisions are audited for compliance
- Consider least privilege when approving
- Monitor for rubber-stamp approval patterns