Microsoft Power Platform · Tenant Administration

Power Platform Administrator

Tenant-wide administration of Power Platform: manage all environments, capacity, DLP policies, tenant settings. Cross-listed from Microsoft Entra ID.

Scope: Tenant-wide administration of Power Platform and Dataverse

Permissions

  • Environments - Create, manage, and delete all environments in the tenant
  • DLP policies - Configure tenant-wide Data Loss Prevention policies for connectors
  • Capacity - Manage Power Platform capacity (storage, API requests, AI Builder credits)
  • Tenant settings - Configure tenant-level Power Platform settings
  • Admin center - Full access to https://admin.powerplatform.microsoft.com
  • Analytics - View tenant-wide usage analytics
  • Recommendations - Manage tenant-level recommendations and best practices
  • Connections & gateways - Govern enterprise data gateways

Common use cases

  • Platform owner / Centre of Excellence (CoE) lead
  • Org-wide DLP policy enforcement for citizen developers
  • Cross-environment governance and reporting

Best practices

  • Limit to 2-5 users; use PIM for just-in-time activation
  • Pair with Power Platform CoE Kit for visibility
  • Use environment groups (preview) to govern at scale
  • Implement DLP policies before opening to citizen developers

Security considerations

  • Can read all flow run history and app data across environments
  • Can change DLP policies that gate connector usage org-wide
  • Tenant admin actions are audited via Microsoft Purview audit logs

Official Microsoft Learn documentation →

Open the interactive RBACMap →