Microsoft 365
Global Reader
Read-only access across all Microsoft 365 services without the ability to make changes.
Scope: Organization-wide read-only access to all Microsoft 365 services
Permissions
- View all Microsoft 365 and Entra ID settings
- Read all compliance and security configurations
- Access reports and analytics across all services
- Read audit logs and activity reports
Common use cases
- Auditors needing visibility without change capability
- Executives requiring dashboard access
- Compliance monitoring
Best practices
- Use instead of Global Admin for read-only needs
- Combine with service-specific reader roles as needed