To restore roles from an Entra ID backup, follow the steps described in this document. 

Tip: Before performing a restore, you may want to see all the attributes that exist for a role. You may also find it useful to compare object versions among different dates, then select which version to restore. If this is the case, see View Role Attributes & Restore Specific Versions.

Restore All or Specific Roles

To restore one or more roles from the latest Entra ID backup, follow these steps:

1. Navigate to the Syncro Tenant's Details Page. 
2. In the Cloud Backups section, locate the row for "Entra ID” in the Service column, then click Restore:
   
   The Cloud Backup for Entra ID Dashboard displays:
   
3. Select Roles > Custom or Roles > Built-In from the top navigation. A page with a list of all the Roles backed up from the Entra ID Tenant opens: 
   
   Notes: 
   • Since they can not be deleted from Entra ID, there is no need to ever restore Built-In roles. However, you can restore Role Assignments for Built-In Roles. See View Role Attributes & Restore Specific Versions.
   • The latest version from backup is always displayed in the table by default. 
4. For Custom Roles, locate the role(s) you want to restore. 
   Tip: Type any part of a Custom Role's Name or ID into the Search box to narrow the list. You can also sort by clicking any of the column headers.
5. Select the Custom Roles to restore:
   • To select all Custom Roles: Check the box in the header row of the table to select all Custom Roles in the Entra ID Tenant. 
   • To select specific Custom Roles: Check the box next to each Custom Role's name.
6. Click Restore Selected.
7. In the “Restore Data” pop-up window: 
   1. Use the calendar picker to select a snapshot date and time.
   2. Check the boxes for your desired restore options.
8. Once you have selected the options, click Restore.

View Role Attributes & Restore Specific Versions

Before performing a restore, it can be helpful to see all the attributes that exist for a role. Sometimes it may also be helpful to view and compare the object versions among different dates.

To do this, follow these steps:

1. Follow steps 1-3 as described in Restore All or Specific Roles.
2. Click a Role's name. This works for both Built-In and Custom Roles; the window displays more details about it:
   
3. Click the arrows to browse the different time points/version dates for the object. The version at the selected time point is always displayed. Red font indicates a changed value for that attribute.
4. If you already know which date's version you want to restore, click Restore This Version. 
5. Otherwise, click the “View Role Assignments” link. This displays the identities that have been granted the permissions defined by the role definition (users, groups or service principals).  

Tips:

• You can select any day and time from the calendar to view the Role Assignments of the selected time point. From there you can detect the timing of the changes, which will help you to choose the correct version date & time from the calendar.
• Changes to the List are recorded in the Log. 
• If the List is empty, there were no Role Assignments at the selected time. 

6. Click Restore This Version to start the restoration (or, click outside the window to close it).