Microsoft Purview · Global & Security Roles
Global Reader
Read-only access across all Microsoft 365 and Purview features without the ability to make changes.
Scope: Organization-wide read-only access to all Microsoft 365 services and Purview settings
Permissions
- Tenant Settings - View all Microsoft 365 and Entra ID settings
- Compliance Configuration - Read all compliance and security configurations
- Reports - Access Purview reports and analytics
- User Information - View user and group information
- Audit Logs - Read audit logs and activity reports
Common use cases
- Compliance auditors needing visibility
- Executive dashboards and reporting
- External consultants reviewing compliance posture
Best practices
- Use for auditors who need visibility without change permissions
- Ideal for executive reporting and compliance dashboards
- Safer alternative to Global Admin for read-only needs