What type of access does a read-only admin have?

A read-only admin in Okta is granted privileges that allow them to view settings and configurations without the ability to make any changes. This role is crucial in environments where oversight and auditing are needed without the risk of unintentional modifications or deletions.

The correct choice highlights that a read-only admin can view users only, which aligns with their primary function. They have visibility into users' profiles, information, and group memberships, but they cannot edit user attributes or perform any administrative actions that alter the existing configuration.

The other options imply capabilities that extend beyond mere observation. For example, modifying group settings, adding new groups, or deleting groups all require a level of administrative authority that is inconsistent with the principles of a read-only access role. Thus, the essence of a read-only admin is centered on providing visibility while safeguarding the integrity of the system from unauthorized changes.