Microsoft Viva: Introducing Viva Engage Role Management APIs on Microsoft Graph

🚨 The Signal: New Microsoft Graph APIs allow programmatic management of all Viva Engage roles, including Corporate Communicator and Network Administrator. This centralises role assignment and auditing, reducing manual effort and improving consistency for identity governance.

The Impact

Admins are affected by new automation capabilities, reducing the risk of manual misconfigurations in Viva Engage role assignments.

• Security Teams: Reduced risk of unauthorised access due to consistent, automated role assignments.
• Admins: Streamlined role management, decreasing manual errors and improving auditability.
• Compliance Teams: Enhanced ability to demonstrate adherence to access control policies for Viva Engage.

The Action

1. Review existing Viva Engage role assignment processes for automation opportunities using the new Graph APIs.
2. Develop scripts or integrations to automate assignment and revocation of Viva Engage roles.
3. Implement regular auditing of Viva Engage role assignments via Graph API to ensure least privilege.
4. Update internal documentation for Viva Engage role management to include API-driven processes.
5. Integrate Viva Engage role management into existing identity governance workflows.

Domain: Entra · Impact: medium · Workload: Entra ID · Essential Eight: Restrict Administrative Privileges · ISM: ISM-0445, ISM-1175, ISM-1380, ISM-1507, ISM-1508, ISM-1509, ISM-1647, ISM-1648, ISM-1650, ISM-1686, ISM-1688, ISM-1689, ISM-1883, ISM-1897, ISM-1898