Microsoft Purview · Data Map Collections
Insights Reader
Read-only access to Data Estate Insights reports and analytics for collections where also assigned Data Reader role.
Scope: Insights reports for collections where user also has Data Reader role
Permissions
- View Data Estate Insights reports for assigned collections
- Access asset distribution and classification analytics
- View scan history and metadata ingestion statistics
- Read sensitivity labeling reports and coverage metrics
- Access glossary term usage and adoption insights
- View data source and scan performance metrics
Common use cases
- Data governance teams monitoring catalog health and coverage
- Management reviewing data classification and labeling progress
- Compliance teams assessing sensitivity label application rates
- Data stewards tracking glossary term adoption
- IT teams monitoring scan performance and success rates
- Executives reviewing data governance program maturity
Best practices
- Assign alongside Data Reader role for comprehensive reporting access
- Use insights to identify gaps in data classification or glossary coverage
- Regular review of scan success rates to identify issues
- Share insights with stakeholders to demonstrate governance progress
- Combine with Power BI for custom dashboard creation if needed
Security considerations
- Read-only access with minimal security concerns
- Aggregate data only - no individual asset details without Data Reader
- Insights may reveal organizational data governance maturity gaps
Common questions
When should I assign the Insights Reader role?
Assign Insights Reader when you need to: Data governance teams monitoring catalog health and coverage; Management reviewing data classification and labeling progress; Compliance teams assessing sensitivity label application rates; Data stewards tracking glossary term adoption; and IT teams monitoring scan performance and success rates. It is part of Microsoft Purview and should be granted as a least-privilege alternative to broader roles like Global Administrator.
What can someone with the Insights Reader role do?
The Insights Reader role grants permissions including: View Data Estate Insights reports for assigned collections; Access asset distribution and classification analytics; View scan history and metadata ingestion statistics; Read sensitivity labeling reports and coverage metrics; Access glossary term usage and adoption insights; and View data source and scan performance metrics. See the Permissions section above for the full list.
What are the security risks of the Insights Reader role?
Key considerations when assigning Insights Reader: Read-only access with minimal security concerns; Aggregate data only - no individual asset details without Data Reader; and Insights may reveal organizational data governance maturity gaps. Review the Security considerations section before assignment, and pair with Privileged Identity Management (PIM) for just-in-time access where possible.