.png)
Page contents
Supported attributes
| Attribute | Description | Backed up | Restorable |
| id | The unique identifier for the role. Read-only. | Yes | No |
| description | Role description. Read-only when isBuiltIn is true. | Yes | No |
| isBuiltIn | Flag indicating if the role is part of the default set included with the product or custom. | Yes | No |
| isEnabled | Flag indicating if the role is enabled for assignment. | Yes | No |
| isPrivileged | Flag indicating if the role is privileged. Read-only. | Yes | No |
| rolePermissions | List of permissions included in the role. | Yes | Yes |
| templateId | Custom template identifier that can be set when isBuiltIn is false. | Yes | Yes |
| version | Indicates version of the role. | Yes | Yes |
| displayName | The display name for role. Read-only. | Yes | Yes |
| visibility | Controls whether the role is hidden or public. | No | No |
| inheritsPermissionsFrom | Read-only collection of role definitions that the given role definition inherits from. Only Microsoft Entra built-in roles (isBuiltIn is true) support this attribute. | No | No |
| resourceScopes | List of the scopes or permissions the role definition applies to. Read-only when isBuiltIn is true. | No | No |
Supported relationships
Role assignments
Note:
- Directory roles (also called built-in Entra ID roles) are read-only and cannot be deleted from Entra ID. The attributes of these roles cannot be restored, but their assigned relationships can.
- Custom roles can be modified and can be deleted from Entra ID. The attributes of these roles, as well as their assigned relationships, can be restored.
- Read about the limitations of Entra ID object recovery in Article 1554.
 1.png)