Forum Discussion

Fernando-Ribeiro's avatar
Fernando-Ribeiro
Copper Contributor
Feb 25, 2026

PIM

Hello, everyone.   I need some help. We already use PIM for Just-in-Time activation of administrative functions in Entra ID, but we would like something more granular. For example, we want certain ...
Access Management
microsoft 365
microsoft entra
Josimar-Hedler's avatar
Josimar-Hedler
MCT
Feb 27, 2026

Fernando-Ribeiro​ 
Hello

PIM controls the Just-in-Time activation of administrative functions, but does not require approval for specific actions after role activation.

For scenarios where certain tasks in Microsoft 365 (such as access to sensitive data or critical operations) require individual request and approval, the appropriate feature is Microsoft 365 Privileged Access (in the Microsoft Purview/Compliance portal).

It allows you to configure policies where even active administrators via PIM need to submit a request to perform specific privileged tasks, with a defined approval flow.

In other words, granular control per action is not only done by PIM; it is necessary to combine it with Privileged Access in Microsoft 365.
I have a full article on how to configure PAM, if that helps.

https://jornada365.cloud/entra-id-como-definir-uma-estrategia-de-privileged-access-management-pam/