Microsoft’s new built-in RBAC role → Teams external collaboration administrator role. (release on early Feb 2026).
Instead of granting full Teams admin privileges, this new role allows you to delegate only federation management. So if someone is responsible for external domain access, they can handle it without getting access to the entire admin center.
With this role, admins can:
- Configure external access for federated domains
- Allow or block external domains
- Manage external access policies
⚠️ One interesting twist: this role doesn’t provide access to the Teams admin center. All management is done only via PowerShell (didn’t expect that either).
If you’re following least-privilege best practices, this is a much cleaner way to delegate external collaboration tasks, without exposing the entire Teams environment.