

In Azure Active Directory (Azure AD), all users are granted a set of default permissions. A user's access consists of the type of user, their role assignments, and their ownership of individual objects. This article describes those default permissions and compares the member and guest user defaults. The default user permissions can be changed only in user settings in Azure AD.

The set of default permissions depends on whether the user is a native member of the tenant (member user) or whether the user is brought over from another directory as a business-to-business (B2B) collaboration guest (guest user). For more information about adding guest users, see "What is Azure AD B2B collaboration?". Here are the capabilities of the default permissions:

Member users can register applications, manage their own profile photo and mobile phone number, change their own password, and invite B2B guests. These users can also read all directory information (with a few exceptions).

Guest users have restricted directory permissions. They can manage their own profile, change their own password, and retrieve some information about other users, groups, and apps.
