Forum Discussion
EduardoNZ
Apr 03, 2017Brass Contributor
Grant access to Security Administrators on Secure Score
Hi,
The Security & Compliance portal has a 'security administrator' role, why couldn't members of that role been granted access to Secure Score?
At least the same security team that looks after the compliances can also use the Secure Store.
Thank you,
Eduardo
Hey Gents,
The non-global-admin access has been in place since April 2017. Any users with admin roles are able to access the Secure Score experience, but will not be able to make changes unless that change is in scope for the admin role they are assigned. If you aren't seeing that behavior, please do escalate to Microsoft support so they can help get it resolved.
Thanks!
Brandon Koeller
- Wahé YaghyazaryanCopper Contributor
I had the same issue (granting access to the secure score portal). Unfortunately i didn't found the answer here therefor I started troubleshooting.
Yes! Today I have found the solution.
Assigning the security reader rol will fix the issue but you should do that in azure portal rol assignments en not in the office 365 security & compliane / permissions.
It seams that these two section are not the same/ or not in synch.
- LUIS HUMBERTO POTES CASTELLOCopper Contributor
Hello, everyone
Did you manage to fix this? I'm having the same problem, I was appointed as a security admin yesterday, and have no way of seeing the secure score.
Secure score website, brings me to the 403 error as well.
Any tips on how you got this working?
Thanks
I thought they already did. Brandon Koeller should be able to confirm/deny.
- Brandon Koeller
Microsoft
Hey! Vasil's got it right. Any of the AAD-sourced admin roles (including Security Admin) is granted access to the Secure Score inclusive of the below (and sorry for the code framing...I'm being lazy):
/// The tenant admin role
/// </summary>
public const string TenantAdminRole = "TenantAdmin";
/// <summary>
/// The security admin role
/// </summary>
public const string SecurityAdminRole = "SecurityAdmin";
/// <summary>
/// The helpdesk administrator role
/// </summary>
public const string HelpdeskAdminRole = "HelpdeskAdmin";
/// <summary>
/// The exchange admin role
/// </summary>
public const string ExchangeAdminRole = "ExchangeAdmin";
/// <summary>
/// The share point admin role
/// </summary>
public const string SharePointAdminRole = "SharePointAdmin";
/// <summary>
/// The user account admin role
/// </summary>
public const string UserAccountAdminRole = "UserAccountAdmin";
Thanks! BK- EduardoNZBrass ContributorIt is not working on my tenant. I've added couple of people into the Security Admin group, they confirmed they can access the Security and Compliance portal but they got a 403, Access Denied, when browsing to Secure Score.
please note those users don't have any admin rights to SharePoint, Exchange, etc
Thanks,
Ed