Browse all topics
All guidesGlossary
Microsoft 365 essentials

Microsoft 365 admin center

A tour of the Microsoft 365 admin center — where to manage users, licences, services, and the specialist portals it links to.

The Microsoft 365 admin center, at admin.microsoft.com, is the primary tenant-level admin portal for Microsoft 365. It's where you manage users and licences, view service health, configure organisation-wide settings, and jump out to the specialist portals for each underlying service.

What you do here

  • Users: create and delete user accounts, reset passwords, assign licences, set up MFA, manage guest users.
  • Groups: manage Microsoft 365 Groups, distribution lists, mail-enabled security groups, and shared mailboxes.
  • Teams and devices: provision Teams Rooms devices, surface Hub displays, and other shared hardware.
  • Billing: subscriptions, payment methods, invoices, licence counts.
  • Service health: real-time status of every service and a record of past incidents.
  • Reports: usage analytics for email, Teams, OneDrive, SharePoint, and active users.
  • Settings: organisation profile, domains, customisation, security defaults, and feature toggles.
  • Setup: guided checklists for getting common services configured.

Most service-specific configuration lives in dedicated admin centers, which the main portal links to in the left-hand nav:

  • Microsoft Entra admin center — identity, users, Conditional Access, app registrations.
  • Exchange admin center — mail flow, mailbox settings, transport rules, anti-spam.
  • Teams admin center — Teams policies, meeting settings, Teams Phone configuration.
  • SharePoint admin center — sites, sharing settings, OneDrive policies.
  • Microsoft Purview portal — compliance, retention, DLP, eDiscovery.
  • Microsoft Defender portal — XDR, incidents, threat policies.
  • Intune admin center — device and app management.
  • Power Platform admin center — environments, Dataverse, Power Automate, Power Apps.

Roles and least privilege

Access to all of this is gated by Entra ID roles (Global Administrator, User Administrator, Exchange Administrator, etc.). The Global Admin role can do everything; everyone else should be granted the narrowest role that lets them do their job, with Privileged Identity Management activating high-privilege roles only when needed and ideally with approval.