Patch My PC Ideas & Feedback

A community where customers and the community can provide feedback to make a better product for everyone! For more details on how we prioritize requests, please see:

Add a new idea Subscribe
80 VOTE
Status SUBMITTED
Categories Patch My PC Cloud
Created by Danyal Aboobakar
Created on Jan 8, 2025

RELATED IDEAS

Custom admin roles

Can we have custom admin roles?

We have a use case where some of our Service Desk engineers will be packaging apps and it would seem "Intune App admin" is a good fit. But there are some permissions where I am not comfortable them having access to, such as branding, environment and other key settings. However, I want them to still be able to view deployments and view events, so "Custom App admin" does not give enough permissions.


Would it be possible to have custom roles implemented where I can pick and choose what permissions I want to give users? This would also be beneficial in a security standpoint in providing least-privileged access for the engineer to carry out their job.

  • Attach files
  • Kristen Schumm
    Feb 9, 2026

    Teams that use Admin accounts that aren't email enabled and have their regular email enabled accounts with Read-Only access to the PMPC Cloud Portal aren't able to open a case through the portal under Read-Only accounts. They get a message "You don't have permissions to send." The User Permissions Docs page doesn't specify which roles have the send permission to open a case. Having the ability to make a custom role would enable customers to have read-only user accounts that are granted the send permission

    Reply
  • Remy Kuster
    Dec 22, 2025

    This would be great, because why have a custom app and a intune apps role but our packagers neeed both, so creating you own custom role wouild be great!

    Reply
  • Dean Tammam
    Sep 2, 2025

    Confirming this would be useful as well. The more granular, the better. For example, we'd want folks to have the ability to create new apps in the portal but not modify existing

    Reply
  • S
    Mar 20, 2025

    Yes, to more granular permissions! Whether a user can read/write packages, deploy or make adjustments. Deploy only Mac (I hear coming soon?) or Win deployments.

    Reply
  • Adam Delamare
    Jan 10, 2025

    This would be useful within our team as well. We have staff who would package custom apps and deploy intune apps but don't really want them to have full admin access.

    1 reply
  • +49