> ## Documentation Index
> Fetch the complete documentation index at: https://specterops-bp-2735-release-notes.mintlify.site/llms.txt
> Use this file to discover all available pages before exploring further.

# AZPrivilegedAuthAdmin

> The principal has the Privileged Authentication Administrator Entra ID role active against the target tenant.

<img noZoom src="https://mintcdn.com/specterops-bp-2735-release-notes/2djt2Sp9UeFPjBFr/assets/enterprise-AND-community-edition-pill-tag.svg?fit=max&auto=format&n=2djt2Sp9UeFPjBFr&q=85&s=a791748158fde5ff3b3b82b51497ab39" alt="Applies to BloodHound Enterprise and CE" width="482" height="45" data-path="assets/enterprise-AND-community-edition-pill-tag.svg" />

Principals with this role can update sensitive properties for all users. Privileged Authentication Administrator can set or reset any authentication method (including passwords) for any user, including Global Administrators.

## Abuse Info

See the abuse info under [AZAddSecret](/resources/edges/az-add-secret) or [AZResetPassword](/resources/edges/az-reset-password).

## Opsec Considerations

See the opsec consideration under [AZAddSecret](/resources/edges/az-add-secret) or [AZResetPassword](/resources/edges/az-reset-password).

## References

* [Microsoft Entra built-in roles: Privileged Authentication Administrator](https://learn.microsoft.com/en-us/entra/identity/role-based-access-control/permissions-reference#privileged-authentication-administrator)
