Microsoft Entra ID · Reporting & Knowledge
Reports Reader
Can read sign-in and audit reports, and view the Microsoft Agent 365 overview and agent registry for the tenant including agent metadata. Ideal for compliance and security monitoring without broader administrative permissions.
Scope: Read-only access to sign-in activity, audit logs, and Microsoft 365 usage reports
Permissions
- Read sign-in reports
- Read audit logs
- Read usage reports
- Read M365 usage analytics
- View Microsoft Agent 365 overview and agent registry with full agent metadata
- Access reporting dashboards
- Export report data
Common use cases
- Security monitoring and alerting
- Compliance reporting
- Usage analytics review
- Audit log analysis
- Sign-in pattern investigation
- License utilization reporting
Best practices
- Use for dedicated monitoring personnel
- Combine with Security Reader for full visibility
- Create scheduled report exports
- Set up log analytics for advanced queries
- Document baseline normal activity
Security considerations
- Read-only role with no modification capability
- Can view sensitive user activity data
- Sign-in data may reveal user behavior patterns
- Audit logs may contain configuration details