Group Details Page

The Microsoft Entra ID Group Details page provides information about the group including threats generated by it's members, a list of members, the groups that the group is part of, the group owners, and the roles assigned to the group.

The top of the page displays a profile card which may contain the following information about the group:

• Name
• Security Enabled
• Assignable to Role
• Object ID
• Object Type
• Tenant
• Tags

The page has the following tabs:

• Threats Tab
• Members Tab
• Group Membership Tab
• Owners Tab
• Roles Tab

Threats Tab

The Threats tab for a user displays the threats for the user by timeframe.

A key for threat types is displayed below the chart.

Members Tab

The Members tab displays information of Entra ID group members.

The table displays the following columns:

• Name – The display name of the member within Microsoft Entra ID

• Domain – The Microsoft Entra ID tenant domain name

• Email – The email address of the member

• Title – The member's job title

• Department – The member's department

Group Membership Tab

The Group Membership tab displays groups in which the group is a member.

The Group Membership tab displays two tables:

• Direct Member Of – Lists groups the group is a direct member of

• Indirect Member Of – Lists groups the group is a member of via membership in a nested group

Each table has the following columns:

• Name – The name of the group. Click the link to view group details. See the Group Details Page topic for additional information
• Group Type – The type of group within Microsoft Entra ID
• Membership Type - How the group membership was assigned
• Security Enabled - Shows whether or not the "Security Enabled" flag is enabled within Microsoft Entra ID, if enabled it means that this type of group is used to manage user and computer access to shared resources for a group of users
• Role Assignments Allowed - This flag shows whether or not a group can be assigned a role within Microsoft Entra ID
• Tags - The tags associated with the group

Owners Tab

The Owners tab shows which objects can manage the group, these are the "owners".

The table displays the following columns:

• Name – The display name of the owner
• Type – The type of Entra ID object
• Email – The email associated with the owners object

Roles Tab

The Roles tab displays information about roles assigned to the group.

The Roles tab displays two tables:

• Eligible Assignments – Lists the roles that the group is eligible for. An eligible assignment refers to a role assignment that a user or group can activate when needed but is not permanently active

• Active Assignments – Lists roles that are currently active and usable to the group

The eligible assignments table has the following columns

• Role - Roles the group is eligible for
• Scope - Defines the boundary within which the assigned role permissions are valid
• Inherited from - How the eligible assignment was inherited
• Start Time - When the group is eligible for the role
• End Time - When the role eligibility expires
• Privileged - If the role is privileged or not. A privileged role in Microsoft Entra ID grants elevated permissions for high-level administrative tasks.

The active assignments table has the following columns

• Role - Roles that are currently active
• Scope - Defines the boundary within which the assigned role permissions are valid
• Inherited from - How the eligible assignment was inherited
• Assignment Type - How was the active role assignment assigned
• Start Time - When the group is eligible for the role
• End Time - When the role eligibility expires
• Privileged - Whether or not the role is privileged (the role has elevated permission or administrative access to EntraID resources)