![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(35.2, 72%, 13%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EGH%3C/text%3E%3C/svg%3E)
Azure Lighthouse
An Azure service that provides secure managed services and access control for partners and customers.
79 questions
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(211.20000000000002, 43%, 30%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EMM%3C/text%3E%3C/svg%3E)
@georges hayek - Welcome to Microsoft Q&A and thanks for reaching out to us.
In order to create a user and to be enabled only to a read only dashboards, please follow below:
- Once you create a new Azure AD user in your managing tenant, assign the user the "Reader" role.
- Onboard the user to each customer tenant using lighthouse and assign the user the "Reader" role in each customer tenant.
- In each Sentinel workspace, create a custom role that allows read only access to dashboards and then assign the custom role to the user in each sentinel workspace.
Hope this helps. and please feel free to reach out if you have any further questions.
If the above response was helpful, please feel free to "Accept as Answer" and click "Yes" so it can be beneficial to the community.