Setting Up Role-Based Access Control for Preserve365
This documentation is useful for the following roles - Microsoft 365 Global Admin & Microsoft 365 Privileged Role Administrators. Valid from v.25.8.1 Preserve365 relies on Microsoft Entra ID (formerly Azure AD) to manage who can do what inside the application. By assigning application roles through Security Groups, you keep control within your existing Microsoft 365 identity model. There are no parallel accounts or ad-hoc permissions to manage.This setup ensures: Users authenticate with their normal Microsoft 365 account. Permissions are centrally managed through Entra, consistent with your wider security model. Access is scalable and auditable, aligned with enterprise best practice. Prerequisites To assign Preserve365 roles using Security Groups, you’ll need rights to create and manage role-assignable security groups in Microsoft Entra. At minimum, this requires the Privileged Role Administrator role. A Global Administrator (or equivalent) will also have sufficient permissi