Microsoft SharePoint roles and permissions

Role	Permission	Description
Microsoft OneDrive for Business Reader Can read all Microsoft OneDrive Command Blocks.	command.category.read	Can read all corresponding Command Block categories
	command.cmdonedrive.read	Can read all Microsoft OneDrive for Business Command Blocks and jobs
	command.jobs.read	Can read related Command Block jobs
	command.read	Can read all related Command Blocks
	organization.readbasic	Can read all basic organization properties (list)
	user.read	Can read all properties of a user (details)
	user.readbasic	Can read all basic user properties (list)
Microsoft OneDrive for Business Writer Can read and execute all Microsoft OneDrive Command Blocks.	command.category.read	Can read all corresponding Command Block categories
	command.cmdonedrive.read	Can read all Microsoft OneDrive for Business Command Blocks and jobs
	command.cmdonedrive.write	Can write all Microsoft OneDrive for Business Command Blocks and jobs
	command.jobs.read	Can read related Command Block jobs
	command.read	Can read all related Command Blocks
	organization.readbasic	Can read all basic organization properties (list)
	user.read	Can read all properties of a user (details)
	user.readbasic	Can read all basic user properties (list)
Microsoft SharePoint Online Reader Can read all Microsoft SharePoint Online Command Blocks.	command.category.read	Can read all corresponding Command Block categories
	command.cmdsharepointonline.read	Can read all Microsoft SharePoint Online Command Blocks and jobs
	command.jobs.read	Can read related Command Block jobs
	command.read	Can read all related Command Blocks
	organization.readbasic	Can read all basic organization properties (list)
	report.accesstoken.read	Can read Power BI report access token (list)
	report.read	Can read Power BI reports (list)
	user.read	Can read all properties of a user (details)
	user.readbasic	Can read all basic user properties (list)
Microsoft SharePoint Online Writer Can read and execute all Microsoft SharePoint Online Command Blocks.	command.category.read	Can read all corresponding Command Block categories
	command.cmdsharepointonline.read	Can read all Microsoft SharePoint Online Command Blocks and jobs
	command.cmdsharepointonline.write	Can write all Microsoft Share Point Online Command Blocks and jobs
	command.jobs.read	Can read related Command Block jobs
	command.read	Can read all related Command Blocks
	organization.readbasic	Can read all basic organization properties (list)
	report.accesstoken.read	Can read Power BI report access token (list)
	report.read	Can read Power BI reports (list)
	user.read	Can read all properties of a user (details)
	user.readbasic	Can read all basic user properties (list)
Microsoft Windows 365 Reader Can read all Microsoft Windows 365 Command Blocks.	command.category.read	Can read all corresponding Command Block categories
	command.jobs.read	Can read related Command Block jobs
	command.read	Can read all related Command Blocks
	command.windows365.read	Can read all Microsoft Windows 365 Command Blocks and jobs
	organization.readbasic	Can read all basic organization properties (list)
	user.read	Can read all properties of a user (details)
	user.readbasic	Can read all basic user properties (list)
Microsoft Windows 365 Writer Can write all Microsoft Windows 365 Command Blocks.	command.category.read	Can read all corresponding Command Block categories
	command.jobs.read	Can read related Command Block jobs
	command.read	Can read all related Command Blocks
	command.windows365.read	Can read all Microsoft Windows 365 Command Blocks and jobs
	command.windows365.write	Can write all Microsoft Windows 365 Command Blocks and jobs
	organization.readbasic	Can read all basic organization properties (list)
	user.read	Can read all properties of a user (details)
	user.readbasic	Can read all basic user properties (list)

Platform roles dictionary

Updated: Aug 01, 2025

Microsoft SharePoint roles and permissions

Related articles