Share via

Permissions or roles required for MTO

Rakesh Singh 370 Reputation points
2025-03-03T23:21:19.5866667+00:00

Hi Team,

Need to know what permissions or roles required to enable MTO and then be able to configure all configurations under Cross Tenant access settings (including cross tenant synchronization settings). It is a bit confusing to clearly understand the permissions required for it all.

Any assistance would be great.

Regards,
Rakesh Singh

Microsoft Entra External ID
Microsoft Entra External ID
A modern identity solution for securing access to customer, citizen and partner-facing apps and services. It is the converged platform of Azure AD External Identities B2B and B2C. Replaces Azure Active Directory External Identities.
3,070 questions
0 comments
Accepted answer
  1. Venkata Jagadeep 255 Reputation points Microsoft External Staff
    2025-03-04T00:58:28.9+00:00

    Hello Rakesh Singh,

    Thank you for posting your query in Microsoft Q&A.

    We cannot specify a single role or permission to configure MTO.

    Only an owner tenant can edit the MTO name in an MTO.

    The tenant that creates the multitenant organization is known as the owner while other tenants that join the multitenant organization are known as members. Once the global administrator in the owner tenant creates the multitenant organization, they can invite member tenants. A global administrator in each member tenant can then join the multitenant organization.

    Summary of Permissions for Multi-Tenant Management

    permissions

    Please refer the below document

    https://learn.microsoft.com/en-us/entra/identity/multi-tenant-organizations/cross-tenant-synchronization-configure

    Please let us know if you have further questions on this.

0 additional answers

Sort by: Most helpful
Most helpful Newest Oldest

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.