Last Updated on May 14, 2025
Not sure if you can access the admin center?
In this guide, let’s talk about the different admin center roles in SharePoint Online and what they can do.
Let’s get started.
Table of Contents:
You already know that not everyone in Microsoft 365 can access the SharePoint admin center.
Only specific roles have the right permissions to manage settings and features there.
To make it simple, there are only 2 roles that can do that:
- Global administrator
- SharePoint administrator
These are the only two roles that can log into the SharePoint admin center.
Even though other roles like Teams Admin or Exchange Admin have administrative power, they can’t touch SharePoint settings.
If you’re trying to manage sharing policies, storage limits, or site creation rules, you will need one of the two roles above.
Also note: being a site owner doesn’t grant you access to the admin center (this role is site-specific, not tenant-wide).
Sign up for exclusive updates, tips, and strategies
Global Administrator Role
The global administrator role is the top-level role in Microsoft 365, with full control over all services.
If you’re a global admin, you can do everything the SharePoint admin can, and more, of course. 🙂
Here’s what this role has:
- Full access across Microsoft 365 services (Teams, OneDrive, Exchange, etc.)
- Can assign and remove admin roles (including other global admins)
- Manages organization-wide settings (billing, security defaults, user licenses, etc.)
Because this role has so much power, it’s usually given to only a small number of users (too many can lead to security risks).
Microsoft even recommends keeping it to just a few trusted people.
Now this one is for users who need to manage SharePoint but don’t need access to everything else in Microsoft 365.
As its name suggests, it gives full control over SharePoint settings without the risks tied to being a global admin.
Here’s what the SharePoint admin can do:
- Manage the SharePoint admin center (including all site settings, policies, etc.)
- Control external sharing
- Create and delete sites
- Manage storage settings and quotas
- Configure OneDrive settings
This role is a safer way to delegate SharePoint responsibilities without opening the door to broader Microsoft 365 systems.
It’s especially useful in larger orgs where you need to split responsibilities between teams.
When it comes to managing SharePoint, both the admin roles can get the job done.
But the scope of what they control is very different:
| Category | Global Admin | SharePoint Admin |
| Access Scope | Full access to all Microsoft 365 admin centers | Access limited to SharePoint admin center |
| Role Assignments | Can assign or remove any admin role | Cannot assign or manage roles |
| Permissions Outside SharePoint | Manages licenses, billing, security, etc. | No access to other Microsoft 365 services |
| Risk Level | High-level access with higher security risks | More focused with lower impact |
If you’re a global admin yourself and you’re unsure which role to give, start by asking what the person really needs access to.
If it’s just SharePoint, the SharePoint Admin role is a safer, more focused option.
But if someone needs to manage the full Microsoft 365 environment, they will need the broader power of a Global Admin.
Other Admin Roles (But No Admin Center Access)
There are several admin roles in Microsoft 365 that sound powerful but don’t include access to the SharePoint admin center.
That includes:
- Exchange Administrator
- Teams Administrator
- User Administrator
- Billing Administrator
- Compliance Administrator
Even though these roles are called “admins,” they don’t grant any rights in the SharePoint admin center.
That’s something only the Global Admin and SharePoint Admin can access.
If someone in one of these roles tries to manage SharePoint, they will hit a wall.
Anyway, do you have any questions about SharePoint admin center roles? Let me know below.
For any business-related queries or concerns, contact me through the contact form. I always reply. 🙂
