groups-view-assignments.md

title	description	author	manager	ms.service	ms.subservice	ms.topic	ms.date	ms.author	ms.reviewer	ms.custom
View roles assigned to a group in Microsoft Entra ID	Learn how the roles assigned to a group can be viewed using the Microsoft Entra admin center. Viewing groups and assigned roles are default user permissions.	rolyon	amycolannino	entra-id	role-based-access-control	how-to	08/08/2023	rolyon	vincesm	it-pro, has-azure-ad-ps-ref azure-ad-ref-level-one-done

View roles assigned to a group in Microsoft Entra ID

This section describes how the roles assigned to a group can be viewed using the Microsoft Entra admin center. Viewing groups and assigned roles are default user permissions.

Prerequisites

• Microsoft Graph PowerShell module when using PowerShell
• Admin consent when using Graph explorer for Microsoft Graph API

For more information, see Prerequisites to use PowerShell or Graph Explorer.

Microsoft Entra admin center

[!INCLUDE portal updates]

1. Sign in to the Microsoft Entra admin center.

2. Browse to Identity > Groups > All groups.

3. Select a role-assignable group that you are interested in.

4. Select Assigned roles. You can now see all the Microsoft Entra roles assigned to this group.

   

PowerShell

Get object ID of the group

Get-MgGroup -Filter "DisplayName eq 'Contoso_Helpdesk_Administrators'"

View role assignment to a group

Get-MgRoleManagementDirectoryRoleAssignment -Filter "PrincipalId eq '<object id of group>'" 

Microsoft Graph API

Get object ID of the group

Use the Get group API to get a group.

GET https://graph.microsoft.com/v1.0/groups?$filter=displayName+eq+'Contoso_Helpdesk_Administrator'

Get role assignments to a group

Use the List unifiedRoleAssignments API to get the role assignment.

GET https://graph.microsoft.com/v1.0/roleManagement/directory/roleAssignments?$filter=principalId eq

Next steps

• Use Microsoft Entra groups to manage role assignments
• Troubleshoot Microsoft Entra roles assigned to groups