I’ve been configuring custom RBAC roles, and even though the “Response (manage)” permission in the Security Operations permissions group includes “approve or dismiss pending remediation actions,” it doesn’t work.  I’ve tried it with pending “soft delete emails” actions in the Action Center, and I get an error.  The only way we can approve or reject these actions is with the Entra Security Administrator role checked out.

Does anyone know which RBAC permission is supposed to grant the rights to approve these remediation actions?

​I’ve been configuring custom RBAC roles, and even though the “Response (manage)” permission in the Security Operations permissions group includes “approve or dismiss pending remediation actions,” it doesn’t work.  I’ve tried it with pending “soft delete emails” actions in the Action Center, and I get an error.  The only way we can approve or reject these actions is with the Entra Security Administrator role checked out. Does anyone know which RBAC permission is supposed to grant the rights to approve these remediation actions?  Read More

​