Microsoft Entra ID · Identity Governance
Attribute Definition Administrator
Define and manage the definition of custom security attributes that can be assigned to supported Microsoft Entra objects.
Scope: Definition and schema management for custom security attributes
Permissions
- Create attribute sets
- Define custom security attributes
- Activate/deactivate attributes
- Manage attribute definitions
- Configure attribute properties
Common use cases
- Custom attribute schema design
- Security classification attributes
- Project-based access control attributes
- Regulatory compliance tagging
- Data residency classification
Best practices
- Plan attribute schema carefully
- Use consistent naming conventions
- Document attribute purposes
- Consider attribute lifecycle
- Coordinate with assignment admins
Security considerations
- Attributes can drive access decisions
- Schema changes may impact policies
- Global Admins cannot see attributes by default
- Separate from assignment permissions