Microsoft Entra ID · Identity Governance

Attribute Definition Reader

Reads the definition of custom security attributes but cannot assign values.

Scope: Read-only access to custom security attribute schema

Permissions

Read attribute set properties
Read custom security attribute definitions

Common use cases

Auditing attribute definitions
Understanding attribute structure
Compliance reporting

Best practices

Use for audit scenarios
Combine with other attribute roles as needed

Security considerations

Can see all attribute definitions
Cannot see attribute values on objects

Official Microsoft Learn documentation →

Open the interactive RBACMap →