@georges hayek - Welcome to Microsoft Q&A and thanks for reaching out to us.
In order to create a user and to be enabled only to a read only dashboards, please follow below:
- Once you create a new Azure AD user in your managing tenant, assign the user the "Reader" role.
- Onboard the user to each customer tenant using lighthouse and assign the user the "Reader" role in each customer tenant.
- In each Sentinel workspace, create a custom role that allows read only access to dashboards and then assign the custom role to the user in each sentinel workspace.
Hope this helps. and please feel free to reach out if you have any further questions.
If the above response was helpful, please feel free to "Accept as Answer" and click "Yes" so it can be beneficial to the community.