From e464da81558917d4041093580a4f8f2158f06705 Mon Sep 17 00:00:00 2001 From: David <1511024+marabooy@users.noreply.github.com> Date: Mon, 30 Jun 2025 10:37:52 +0300 Subject: [PATCH 1/6] Weekly Permissions sync 2025-06-30 (#1180) --- permissions/new/ProvisioningInfo.json | 4 +- permissions/new/permissions.json | 95 ++++++++++++++++++++++++++- 2 files changed, 94 insertions(+), 5 deletions(-) diff --git a/permissions/new/ProvisioningInfo.json b/permissions/new/ProvisioningInfo.json index 92573b2e..0751842a 100644 --- a/permissions/new/ProvisioningInfo.json +++ b/permissions/new/ProvisioningInfo.json @@ -5490,8 +5490,8 @@ { "scheme": "DelegatedWork", "environment": "public", - "isHidden": true, - "isEnabled": false, + "isHidden": false, + "isEnabled": true, "resourceAppId": "00000003-0000-0ff1-ce00-000000000000" } ], diff --git a/permissions/new/permissions.json b/permissions/new/permissions.json index 0d4386c0..fcc7cff0 100644 --- a/permissions/new/permissions.json +++ b/permissions/new/permissions.json @@ -8283,6 +8283,11 @@ "/devicemanagement/virtualendpoint/reports/getrealtimeremoteconnectionlatency(cloudpcid={value})": "least=DelegatedWork,Application", "/devicemanagement/virtualendpoint/reports/getrealtimeremoteconnectionstatus(cloudpcid={value})": "least=DelegatedWork,Application", "/devicemanagement/virtualendpoint/serviceplans": "least=DelegatedWork,Application", + "/devicemanagement/virtualendpoint/settingprofiles": "least=DelegatedWork,Application", + "/devicemanagement/virtualendpoint/settingprofiles/{id}": "least=DelegatedWork,Application", + "/devicemanagement/virtualendpoint/settingprofiles/retrievesettingcategories": "least=DelegatedWork,Application", + "/devicemanagement/virtualendpoint/settingprofiles/retrievesettingdefinitions": "least=DelegatedWork,Application", + "/devicemanagement/virtualendpoint/settingprofiles/retrievesettingtemplates": "least=DelegatedWork,Application", "/devicemanagement/virtualendpoint/shareduseserviceplans": "least=DelegatedWork,Application", "/devicemanagement/virtualendpoint/shareduseserviceplans/{id}": "least=DelegatedWork,Application", "/devicemanagement/virtualendpoint/snapshots": "least=DelegatedWork,Application", @@ -8464,6 +8469,9 @@ "/devicemanagement/virtualendpoint/reports/gettotalaggregatedremoteconnectionreports": "", "/deviceManagement/virtualEndpoint/reports/retrieveCloudPcRecommendationReports": "least=DelegatedWork,Application", "/deviceManagement/virtualEndpoint/reports/retrieveCloudPcTroubleshootReports": "least=DelegatedWork,Application", + "/devicemanagement/virtualendpoint/settingprofiles/{id}/assign": "least=DelegatedWork,Application", + "/devicemanagement/virtualendpoint/settingprofiles/{id}/promoteToHighestPriority": "least=DelegatedWork,Application", + "/devicemanagement/virtualendpoint/settingprofiles/uploadimage": "least=DelegatedWork,Application", "/devicemanagement/virtualendpoint/usersettings/{id}/assign": "least=DelegatedWork,Application", "/me/cloudpcs/{id}/reboot": "least=DelegatedWork,Application", "/me/cloudpcs/{id}/rename": "least=DelegatedWork,Application", @@ -8488,6 +8496,7 @@ "/devicemanagement/virtualendpoint/deviceimages": "least=DelegatedWork,Application", "/devicemanagement/virtualendpoint/externalpartnersettings": "least=DelegatedWork,Application", "/devicemanagement/virtualendpoint/provisioningpolicies": "least=DelegatedWork,Application", + "/devicemanagement/virtualendpoint/settingprofiles": "least=DelegatedWork,Application", "/devicemanagement/virtualendpoint/usersettings": "least=DelegatedWork,Application", "/rolemanagement/cloudpc/roledefinitions": "", "/rolemanagement/devicemanagement/roledefinitions": "" @@ -8626,6 +8635,7 @@ ], "paths": { "/devicemanagement/virtualendpoint/provisioningpolicies/{id}": "least=DelegatedWork,Application", + "/devicemanagement/virtualendpoint/settingprofiles/{id}": "least=DelegatedWork,Application", "/rolemanagement/cloudpc/roledefinitions/{id}": "", "/rolemanagement/devicemanagement/roledefinitions/{id}": "" } @@ -19554,7 +19564,7 @@ "/identity/authenticationEventListeners/{id}/microsoft.graph.onAttributeCollectionSubmitListener/handler/microsoft.graph.onAttributeCollectionSubmitCustomExtensionHandler/customExtension": "least=DelegatedWork,Application", "/identity/authenticationEventListeners/{id}/microsoft.graph.onAuthenticationMethodLoadStartListener/handler/microsoft.graph.onAuthenticationMethodLoadStartExternalUsersSelfServiceSignUp/identityProviders": "least=DelegatedWork,Application", "/identity/authenticationEventListeners/{id}/microsoft.graph.onEmailOtpSendListener/handler/microsoft.graph.onOtpSendCustomExtensionHandler/customExtension": "least=DelegatedWork,Application", - "/identity/authenticationEventListeners/{id}/microsoft.graph.onFraudProtectionLoadStartListener/handler/microsoft.graph.onFraudProtectionLoadStartExternalUsersAuthHandler/signUp/fraudProtectionProvider": "least=DelegatedWork,Application", + "/identity/authenticationEventListeners/{id}/microsoft.graph.onFraudProtectionLoadStartListener/handler/microsoft.graph.onFraudProtectionLoadStartExternalUsersAuthHandler/signUp/microsoft.graph.fraudProtectionProviderConfiguration/fraudProtectionProvider": "least=DelegatedWork,Application", "/identity/authenticationEventListeners/{id}/microsoft.graph.onPageRenderStartListener/handler/microsoft.graph.onPageRenderStartBrandingOverrideHandler/brandingTheme": "least=DelegatedWork,Application", "/identity/authenticationEventListeners/{id}/microsoft.graph.onPageRenderStartListener/handler/microsoft.graph.onPageRenderStartCustomExtensionHandler/customExtension": "least=DelegatedWork,Application", "/identity/authenticationEventsFlows": "least=DelegatedWork,Application", @@ -19635,7 +19645,7 @@ "/identity/authenticationEventListeners/{id}/microsoft.graph.onAttributeCollectionSubmitListener/handler/microsoft.graph.onAttributeCollectionSubmitCustomExtensionHandler/customExtension": "", "/identity/authenticationEventListeners/{id}/microsoft.graph.onAuthenticationMethodLoadStartListener/handler/microsoft.graph.onAuthenticationMethodLoadStartExternalUsersSelfServiceSignUp/identityProviders": "", "/identity/authenticationEventListeners/{id}/microsoft.graph.onEmailOtpSendListener/handler/microsoft.graph.onOtpSendCustomExtensionHandler/customExtension": "", - "/identity/authenticationEventListeners/{id}/microsoft.graph.onFraudProtectionLoadStartListener/handler/microsoft.graph.onFraudProtectionLoadStartExternalUsersAuthHandler/signUp/fraudProtectionProvider": "", + "/identity/authenticationEventListeners/{id}/microsoft.graph.onFraudProtectionLoadStartListener/handler/microsoft.graph.onFraudProtectionLoadStartExternalUsersAuthHandler/signUp/microsoft.graph.fraudProtectionProviderConfiguration/fraudProtectionProvider": "", "/identity/authenticationEventListeners/{id}/microsoft.graph.onPageRenderStartListener/handler/microsoft.graph.onPageRenderStartBrandingOverrideHandler/brandingTheme": "", "/identity/authenticationEventListeners/{id}/microsoft.graph.onPageRenderStartListener/handler/microsoft.graph.onPageRenderStartCustomExtensionHandler/customExtension": "", "/identity/authenticationEventsFlows/{id}/microsoft.graph.externalUsersSelfServiceSignUpEventsFlow/onAttributeCollection/microsoft.graph.onAttributeCollectionExternalUsersSelfServiceSignUp/attributes": "", @@ -19656,7 +19666,7 @@ "/identity/authenticationEventListeners/{id}/microsoft.graph.onAttributeCollectionStartListener/handler/microsoft.graph.onAttributeCollectionStartCustomExtensionHandler/customExtension/$ref": "least=DelegatedWork,Application", "/identity/authenticationEventListeners/{id}/microsoft.graph.onAttributeCollectionSubmitListener/handler/microsoft.graph.onAttributeCollectionSubmitCustomExtensionHandler/customExtension/$ref": "least=DelegatedWork,Application", "/identity/authenticationEventListeners/{id}/microsoft.graph.onEmailOtpSendListener/handler/microsoft.graph.onOtpSendCustomExtensionHandler/customExtension/$ref": "least=DelegatedWork,Application", - "/identity/authenticationEventListeners/{id}/microsoft.graph.onFraudProtectionLoadStartListener/handler/microsoft.graph.onFraudProtectionLoadStartExternalUsersAuthHandler/signUp/fraudProtectionProvider/$ref": "least=DelegatedWork,Application", + "/identity/authenticationEventListeners/{id}/microsoft.graph.onFraudProtectionLoadStartListener/handler/microsoft.graph.onFraudProtectionLoadStartExternalUsersAuthHandler/signUp/microsoft.graph.fraudProtectionProviderConfiguration/fraudProtectionProvider/$ref": "least=DelegatedWork,Application", "/identity/authenticationEventListeners/{id}/microsoft.graph.onPageRenderStartListener/handler/microsoft.graph.onPageRenderStartBrandingOverrideHandler/brandingTheme/$ref": "least=DelegatedWork,Application", "/identity/authenticationEventListeners/{id}/microsoft.graph.onPageRenderStartListener/handler/microsoft.graph.onPageRenderStartCustomExtensionHandler/customExtension/$ref": "least=DelegatedWork,Application", "/identity/authenticationEventListeners/{id}/microsoft.graph.onTokenIssuanceStartListener/handler/microsoft.graph.onTokenIssuanceStartCustomExtensionHandler/customExtension/$ref": "least=DelegatedWork,Application", @@ -23558,6 +23568,85 @@ "ownerSecurityGroup": "GraphSPOApprovers" } }, + "FileStorageContainerTypeReg.Selected": { + "authorizationType": "oAuth2", + "schemes": { + "DelegatedWork": { + "adminDisplayName": "Access selected file storage container type registrations.", + "adminDescription": "Allows the application to manage selected file storage container type registrations on behalf of the signed in user. The user must be a SharePoint Embedded Admin or Global Admin.", + "userDisplayName": "Access selected file storage container type registrations.", + "userDescription": "Allows the application to manage selected file storage container type registrations on your behalf. You must be a SharePoint Embedded Admin or Global Admin.", + "requiresAdminConsent": false, + "privilegeLevel": 2 + }, + "Application": { + "adminDisplayName": "Access selected file storage container type registrations.", + "adminDescription": "Allows the application to manage file storage container type registrations without a signed-in user.", + "requiresAdminConsent": true, + "privilegeLevel": 3 + } + }, + "pathSets": [ + { + "schemeKeys": [ + "DelegatedWork", + "Application" + ], + "methods": [ + "PUT" + ], + "paths": { + "/storage/fileStorage/containerTypeRegistrations": "least=DelegatedWork,Application", + "/storage/fileStorage/containerTypeRegistrations/{id}/applicationPermissionGrants": "least=DelegatedWork,Application", + "/storage/fileStorage/containerTypeRegistrations/{id}/applicationPermissionGrants/{id}": "least=DelegatedWork,Application" + } + }, + { + "schemeKeys": [ + "DelegatedWork", + "Application" + ], + "methods": [ + "GET" + ], + "paths": { + "/storage/fileStorage/containerTypeRegistrations": "least=DelegatedWork,Application", + "/storage/fileStorage/containerTypeRegistrations/{id}": "least=DelegatedWork,Application", + "/storage/fileStorage/containerTypeRegistrations/{id}/applicationPermissionGrants": "least=DelegatedWork,Application", + "/storage/fileStorage/containerTypeRegistrations/{id}/applicationPermissionGrants/{id}": "least=DelegatedWork,Application" + } + }, + { + "schemeKeys": [ + "DelegatedWork", + "Application" + ], + "methods": [ + "PATCH" + ], + "paths": { + "/storage/fileStorage/containerTypeRegistrations/{id}": "least=DelegatedWork,Application", + "/storage/fileStorage/containerTypeRegistrations/{id}/applicationPermissionGrants/{id}": "least=DelegatedWork,Application" + } + }, + { + "schemeKeys": [ + "DelegatedWork", + "Application" + ], + "methods": [ + "DELETE" + ], + "paths": { + "/storage/fileStorage/containerTypeRegistrations/{id}": "least=DelegatedWork,Application", + "/storage/fileStorage/containerTypeRegistrations/{id}/applicationPermissionGrants/{id}": "least=DelegatedWork,Application" + } + } + ], + "ownerInfo": { + "ownerSecurityGroup": "GraphSPOApprovers" + } + }, "Financials.ReadWrite.All": { "authorizationType": "oAuth2", "schemes": { From ac85456b12351a82c7183135b7dbd0b95b30c567 Mon Sep 17 00:00:00 2001 From: David <1511024+marabooy@users.noreply.github.com> Date: Tue, 1 Jul 2025 14:41:39 +0300 Subject: [PATCH 2/6] Weekly Permissions sync 2025-07-01 (#1181) --- permissions/new/ProvisioningInfo.json | 36 +++++++++++++++++++++++++++ 1 file changed, 36 insertions(+) diff --git a/permissions/new/ProvisioningInfo.json b/permissions/new/ProvisioningInfo.json index 0751842a..cfffa50c 100644 --- a/permissions/new/ProvisioningInfo.json +++ b/permissions/new/ProvisioningInfo.json @@ -10433,6 +10433,42 @@ "resourceAppId": "" } ], + "ResponderFormBody.Read.All": [ + { + "id": "", + "scheme": "DelegatedWork", + "environment": "public", + "isHidden": true, + "isEnabled": true, + "resourceAppId": "c9a559d2-7aab-4f13-a6ed-e7e9c52aec87" + }, + { + "id": "", + "scheme": "Application", + "environment": "public", + "isHidden": true, + "isEnabled": true, + "resourceAppId": "c9a559d2-7aab-4f13-a6ed-e7e9c52aec87" + } + ], + "ResponderFormResponse.ReadWrite.All": [ + { + "id": "", + "scheme": "DelegatedWork", + "environment": "public", + "isHidden": true, + "isEnabled": true, + "resourceAppId": "c9a559d2-7aab-4f13-a6ed-e7e9c52aec87" + }, + { + "id": "", + "scheme": "Application", + "environment": "public", + "isHidden": true, + "isEnabled": true, + "resourceAppId": "c9a559d2-7aab-4f13-a6ed-e7e9c52aec87" + } + ], "RiskPreventionProviders.Read.All": [ { "id": "e197c06f-ae7b-4398-b0a2-89f76ebca159", From cd6ca5ceebfd4bd25fe1aea4a6bf2207b38918de Mon Sep 17 00:00:00 2001 From: David <1511024+marabooy@users.noreply.github.com> Date: Thu, 3 Jul 2025 11:02:27 +0300 Subject: [PATCH 3/6] Weekly Permissions sync 2025-07-03 (#1184) --- permissions/new/permissions.json | 28 ++++++++++++++++------------ 1 file changed, 16 insertions(+), 12 deletions(-) diff --git a/permissions/new/permissions.json b/permissions/new/permissions.json index fcc7cff0..3a0cfc74 100644 --- a/permissions/new/permissions.json +++ b/permissions/new/permissions.json @@ -8269,6 +8269,7 @@ "/devicemanagement/virtualendpoint/cloudpcs/{id}": "least=DelegatedWork,Application", "/devicemanagement/virtualendpoint/cloudpcs/{id}/getcloudpcconnectivityhistory": "least=DelegatedWork,Application", "/devicemanagement/virtualendpoint/cloudpcs/{id}/getCloudPcLaunchInfo": "least=DelegatedWork,Application", + "/devicemanagement/virtualendpoint/cloudpcs/retrievecloudpccountbystatus": "least=DelegatedWork,Application", "/devicemanagement/virtualendpoint/deviceimages": "least=DelegatedWork,Application", "/devicemanagement/virtualendpoint/deviceimages/{id}": "least=DelegatedWork,Application", "/devicemanagement/virtualendpoint/deviceimages/getsourceimages": "least=DelegatedWork,Application", @@ -8412,6 +8413,7 @@ "/devicemanagement/virtualendpoint/cloudpcs/{id}": "", "/devicemanagement/virtualendpoint/cloudpcs/{id}/getcloudpcconnectivityhistory": "", "/devicemanagement/virtualendpoint/cloudpcs/{id}/getCloudPcLaunchInfo": "", + "/devicemanagement/virtualendpoint/cloudpcs/retrievecloudpccountbystatus": "", "/devicemanagement/virtualendpoint/deviceimages/getsourceimages": "", "/devicemanagement/virtualendpoint/galleryimages": "", "/devicemanagement/virtualendpoint/galleryimages/{id}": "", @@ -18549,8 +18551,8 @@ "authorizationType": "oAuth2", "schemes": { "Application": { - "adminDisplayName": "Read all tenant reading assignments submissions data", - "adminDescription": "Allows the app to read all tenant users reading assignments submissions data without a signed-in user.", + "adminDisplayName": "Read all tenant reading assignments, speaker assignments, and Reading Coach passages data.", + "adminDescription": "Allows the app to read all tenant users reading assignments, speaker assignments, and Reading Coach passages data without a signed-in user.", "requiresAdminConsent": true, "privilegeLevel": 4 } @@ -18564,8 +18566,9 @@ "GET" ], "paths": { - "/education/reports/readingAssignmentSubmissions": "least=Application", - "/education/reports/speakerAssignmentSubmissions": "least=Application" + "/education/reports/readingAssignmentSubmissions": "", + "/education/reports/readingCoachPassages": "", + "/education/reports/speakerAssignmentSubmissions": "" } } ], @@ -18577,10 +18580,10 @@ "authorizationType": "oAuth2", "schemes": { "Application": { - "adminDisplayName": "Read all tenant reading assignments submissions data", - "adminDescription": "Allows the app to read all tenant users reading assignments submissions data (excludes student-identifying information) without a signed-in user.", + "adminDisplayName": "Read all tenant reading assignments, speaker assignments, and Reading Coach passages data.", + "adminDescription": "Allows the app to read all tenant users reading assignments, speaker assignments, and Reading Coach passages data (excludes student-identifying information) without a signed-in user.", "requiresAdminConsent": true, - "privilegeLevel": 4 + "privilegeLevel": 3 } }, "pathSets": [ @@ -18592,8 +18595,9 @@ "GET" ], "paths": { - "/education/reports/readingAssignmentSubmissions": "", - "/education/reports/speakerAssignmentSubmissions": "" + "/education/reports/readingAssignmentSubmissions": "least=Application", + "/education/reports/readingCoachPassages": "least=Application", + "/education/reports/speakerAssignmentSubmissions": "least=Application" } } ], @@ -18620,7 +18624,7 @@ "GET" ], "paths": { - "/education/reports/reflectCheckInResponses": "least=Application" + "/education/reports/reflectCheckInResponses": "" } } ], @@ -18635,7 +18639,7 @@ "adminDisplayName": "Read all tenant reflect check-ins submissions data", "adminDescription": "Allows the app to read all tenant users reflect check-ins submissions data (excludes responder-identifying information) without a signed-in user.", "requiresAdminConsent": true, - "privilegeLevel": 4 + "privilegeLevel": 3 } }, "pathSets": [ @@ -18647,7 +18651,7 @@ "GET" ], "paths": { - "/education/reports/reflectCheckInResponses": "" + "/education/reports/reflectCheckInResponses": "least=Application" } } ], From 942dee258a128b48ccc140341de24de7e300e4b6 Mon Sep 17 00:00:00 2001 From: David <1511024+marabooy@users.noreply.github.com> Date: Mon, 7 Jul 2025 09:58:24 +0300 Subject: [PATCH 4/6] Weekly Permissions sync 2025-07-07 (#1188) --- permissions/new/permissions.json | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/permissions/new/permissions.json b/permissions/new/permissions.json index 3a0cfc74..d03f5ccb 100644 --- a/permissions/new/permissions.json +++ b/permissions/new/permissions.json @@ -20616,6 +20616,7 @@ "POST" ], "paths": { + "/copilot/sharepoint/grounding/fetchResources": "least=DelegatedWork", "/drives/{id}/items/{id}/checkAccess": "least=DelegatedWork" } } @@ -20971,6 +20972,7 @@ "POST" ], "paths": { + "/copilot/sharepoint/grounding/fetchResources": "", "/drives/{drive-id}/items/{item-id}/checkAccess": "" } } @@ -22479,6 +22481,7 @@ "POST" ], "paths": { + "/copilot/sharepoint/grounding/fetchResources": "", "/drives/{drive-id}/items/{item-id}/checkAccess": "" } } @@ -23164,6 +23167,7 @@ "POST" ], "paths": { + "/copilot/sharepoint/grounding/fetchResources": "", "/drives/{drive-id}/items/{item-id}/checkAccess": "" } } @@ -41343,6 +41347,7 @@ "POST" ], "paths": { + "/copilot/sharepoint/grounding/fetchResources": "", "/drives/{id}/items/{id}/checkAccess": "" } } @@ -41558,6 +41563,7 @@ "POST" ], "paths": { + "/copilot/sharepoint/grounding/fetchResources": "", "/drives/{id}/items/{id}/checkAccess": "" } } @@ -42005,6 +42011,7 @@ "POST" ], "paths": { + "/copilot/sharepoint/grounding/fetchResources": "", "/drives/{drive-id}/items/{item-id}/checkAccess": "" } } @@ -42655,6 +42662,7 @@ "POST" ], "paths": { + "/copilot/sharepoint/grounding/fetchResources": "", "/drives/{drive-id}/items/{item-id}/checkAccess": "" } } From 22dce784428c73559f2c219811c0c71af0f6f020 Mon Sep 17 00:00:00 2001 From: David <1511024+marabooy@users.noreply.github.com> Date: Wed, 9 Jul 2025 10:47:22 +0300 Subject: [PATCH 5/6] Weekly Permissions sync 2025-07-09 (#1191) --- permissions/new/ProvisioningInfo.json | 36 +++++++++++++++++++++++++++ 1 file changed, 36 insertions(+) diff --git a/permissions/new/ProvisioningInfo.json b/permissions/new/ProvisioningInfo.json index cfffa50c..3e82f6af 100644 --- a/permissions/new/ProvisioningInfo.json +++ b/permissions/new/ProvisioningInfo.json @@ -508,6 +508,26 @@ "resourceAppId": "00000003-0000-0000-c000-000000000000" } ], + "AppQuotaSettings.Read.All": [ + { + "id": "", + "scheme": "DelegatedWork", + "environment": "", + "isHidden": true, + "isEnabled": false, + "resourceAppId": "00000003-0000-0000-c000-000000000000" + } + ], + "AppQuotaSettings.ReadWrite.All": [ + { + "id": "", + "scheme": "DelegatedWork", + "environment": "", + "isHidden": true, + "isEnabled": false, + "resourceAppId": "00000003-0000-0000-c000-000000000000" + } + ], "AppRoleAssignment.ReadWrite.All": [ { "id": "84bccea3-f856-4a8a-967b-dbe0a3d53a64", @@ -8015,6 +8035,22 @@ "resourceAppId": "" } ], + "OnlineMeeting.Read.Chat": [ + { + "scheme": "Application", + "environment": "public", + "isHidden": true, + "resourceAppId": "26a18ebc-cdf7-4a6a-91cb-beb352805e81" + } + ], + "OnlineMeeting.ReadWrite.Chat": [ + { + "scheme": "Application", + "environment": "public", + "isHidden": true, + "resourceAppId": "26a18ebc-cdf7-4a6a-91cb-beb352805e81" + } + ], "OnlineMeetings.Read": [ { "id": "9be106e1-f4e3-4df5-bdff-e4bc531cbe43", From c9b810f145885e75e359a9e8ca28da07d5f8ce50 Mon Sep 17 00:00:00 2001 From: James Ndegwa Maringa Date: Mon, 21 Jul 2025 19:46:30 +0300 Subject: [PATCH 6/6] Weekly Permissions sync 2025-07-21 --- permissions/new/ProvisioningInfo.json | 207 +++++--- permissions/new/permissions.json | 716 ++++++++++++++++++-------- 2 files changed, 627 insertions(+), 296 deletions(-) diff --git a/permissions/new/ProvisioningInfo.json b/permissions/new/ProvisioningInfo.json index 3e82f6af..258dfe69 100644 --- a/permissions/new/ProvisioningInfo.json +++ b/permissions/new/ProvisioningInfo.json @@ -110,11 +110,11 @@ ], "AgentApplication.Create": [ { - "id": "", + "id": "2f479c7e-27df-4053-826b-57d8ce55be3e", "scheme": "Application", "environment": "PPE;public", - "isHidden": true, - "isEnabled": false, + "isHidden": false, + "isEnabled": true, "resourceAppId": "00000003-0000-0000-c000-000000000000" } ], @@ -370,6 +370,42 @@ "resourceAppId": "" } ], + "AppFederatedCredentialIssuers.Read.All": [ + { + "id": "", + "scheme": "Application", + "environment": "", + "isHidden": true, + "isEnabled": true, + "resourceAppId": "00000002-0000-0000-c000-000000000000" + }, + { + "id": "", + "scheme": "DelegatedWork", + "environment": "", + "isHidden": true, + "isEnabled": true, + "resourceAppId": "00000002-0000-0000-c000-000000000000" + } + ], + "AppFederatedCredentialIssuers.ReadWrite.All": [ + { + "id": "", + "scheme": "Application", + "environment": "", + "isHidden": true, + "isEnabled": true, + "resourceAppId": "00000002-0000-0000-c000-000000000000" + }, + { + "id": "", + "scheme": "DelegatedWork", + "environment": "", + "isHidden": true, + "isEnabled": true, + "resourceAppId": "00000002-0000-0000-c000-000000000000" + } + ], "Application-RemoteDesktopConfig.ReadWrite.All": [ { "id": "ffa91d43-2ad8-45cc-b592-09caddeb24bb", @@ -408,7 +444,7 @@ ], "Application.ReadUpdate.All": [ { - "id": "", + "id": "fc023787-fd04-4e44-9bc7-d454f00c0f0a", "scheme": "Application", "environment": "", "isHidden": true, @@ -416,7 +452,7 @@ "resourceAppId": "00000002-0000-0000-c000-000000000000" }, { - "id": "", + "id": "0586a906-4d89-4de8-b3c8-1aacdcc0c679", "scheme": "DelegatedWork", "environment": "", "isHidden": true, @@ -500,11 +536,11 @@ ], "Application.Manage.OwnedBy": [ { - "id": "", + "id": "2c4bea56-10d0-49ec-a086-f17f7403a159", "scheme": "Application", "environment": "PPE;public", "isHidden": true, - "isEnabled": false, + "isEnabled": true, "resourceAppId": "00000003-0000-0000-c000-000000000000" } ], @@ -1690,11 +1726,11 @@ ], "CallTranscripts.Read.All": [ { - "id": "25F83B2C-9BB4-4FAA-85F6-2014A7D072D1", + "id": "fbace248-5d8e-441c-85ca-cc19221a69a2", "scheme": "DelegatedWork", "environment": "public", "isHidden": true, - "isEnabled": false, + "isEnabled": true, "resourceAppId": "ab3be6b7-f5df-413d-ac2d-abf1e3fd9c0b" }, { @@ -1708,21 +1744,21 @@ ], "CallTranscripts.Read.Chat": [ { - "id": "5358D0FF-63E3-4383-89F0-D2327B91A4F7", + "id": "7990a5df-4c51-43ea-939c-3e8b18d6ddad", "scheme": "Application", "environment": "public", "isHidden": true, - "isEnabled": false, + "isEnabled": true, "resourceAppId": "ab3be6b7-f5df-413d-ac2d-abf1e3fd9c0b" } ], "CallRecordings.Read.All": [ { - "id": "", + "id": "63d31bd6-bcf5-40ca-8283-ba4130a66405", "scheme": "DelegatedWork", "environment": "public", "isHidden": true, - "isEnabled": false, + "isEnabled": true, "resourceAppId": "ab3be6b7-f5df-413d-ac2d-abf1e3fd9c0b" }, { @@ -1736,11 +1772,11 @@ ], "CallRecordings.Read.Chat": [ { - "id": "963868C0-C2C5-4B23-AB11-1B42D29ECFE9", + "id": "22748df0-bd8c-4626-aad9-6dab421b33e4", "scheme": "Application", "environment": "public", "isHidden": true, - "isEnabled": false, + "isEnabled": true, "resourceAppId": "ab3be6b7-f5df-413d-ac2d-abf1e3fd9c0b" } ], @@ -3454,19 +3490,19 @@ ], "CallAiInsights.Read.All": [ { - "id": "17471B3F-20B4-4B24-9D63-D950A3E4A11E", + "id": "e24bdaf9-83f8-468b-a144-c681ccb6caf4", "scheme": "DelegatedWork", "environment": "public", "isHidden": true, - "isEnabled": false, + "isEnabled": true, "resourceAppId": "ab3be6b7-f5df-413d-ac2d-abf1e3fd9c0b" }, { - "id": "C2829D1E-1C68-4A66-BFC2-2D9D918688F0", + "id": "792b782b-7822-4b92-8103-77e44f2f706c", "scheme": "Application", "environment": "public", "isHidden": true, - "isEnabled": false, + "isEnabled": true, "resourceAppId": "ab3be6b7-f5df-413d-ac2d-abf1e3fd9c0b" } ], @@ -3480,11 +3516,11 @@ "resourceAppId": "ab3be6b7-f5df-413d-ac2d-abf1e3fd9c0b" }, { - "id": "011A12EA-7B2F-42D5-871E-E141D72CA8FB", + "id": "ff9d3910-ca91-4e7f-843f-d44ab36a961a", "scheme": "Application", "environment": "public", "isHidden": true, - "isEnabled": false, + "isEnabled": true, "resourceAppId": "ab3be6b7-f5df-413d-ac2d-abf1e3fd9c0b" } ], @@ -4923,7 +4959,7 @@ "id": "d746beae-b46e-446e-924a-5b805a5c4467", "scheme": "Application", "environment": "public", - "isHidden": true, + "isHidden": false, "isEnabled": true, "resourceAppId": "00000005-0000-0ff1-ce00-000000000000" }, @@ -4931,7 +4967,7 @@ "id": "58c5819e-29bd-4400-ad52-82cd82a63fbd", "scheme": "DelegatedWork", "environment": "public", - "isHidden": true, + "isHidden": false, "isEnabled": true, "resourceAppId": "00000005-0000-0ff1-ce00-000000000000" } @@ -5483,7 +5519,7 @@ "id": "8e6ec84c-5fcd-4cc7-ac8a-2296efc0ed9b", "scheme": "DelegatedWork", "environment": "public", - "isHidden": false, + "isHidden": true, "isEnabled": true, "resourceAppId": "00000003-0000-0ff1-ce00-000000000000" } @@ -5493,7 +5529,7 @@ "id": "c319a7df-930e-44c0-a43b-7e5e9c7f4f24", "scheme": "DelegatedWork", "environment": "public", - "isHidden": false, + "isHidden": true, "isEnabled": true, "resourceAppId": "00000003-0000-0ff1-ce00-000000000000" } @@ -5503,14 +5539,15 @@ "id": "2dcc6599-bd30-442b-8f11-90f88ad441dc", "scheme": "Application", "environment": "public", - "isHidden": false, + "isHidden": true, "isEnabled": true, "resourceAppId": "00000003-0000-0ff1-ce00-000000000000" }, { + "id": "d1e4f63a-1569-475c-b9b2-bdc140405e38", "scheme": "DelegatedWork", "environment": "public", - "isHidden": false, + "isHidden": true, "isEnabled": true, "resourceAppId": "00000003-0000-0ff1-ce00-000000000000" } @@ -5968,7 +6005,7 @@ "id": "2eb2bc92-94ef-4c6b-b4ab-2a09bc975e0e", "scheme": "DelegatedWork", "environment": "public", - "isHidden": true, + "isHidden": false, "isEnabled": true, "resourceAppId": "65d91a3d-ab74-42e6-8a2f-0add61688c74" }, @@ -5976,7 +6013,7 @@ "id": "f3c4f514-c65a-43f5-bfce-1735872258dd", "scheme": "Application", "environment": "public", - "isHidden": true, + "isHidden": false, "isEnabled": true, "resourceAppId": "65d91a3d-ab74-42e6-8a2f-0add61688c74" } @@ -5986,7 +6023,7 @@ "id": "c1691a6d-99e2-4cfa-b4b5-9e4d67dc0f36", "scheme": "DelegatedWork", "environment": "public", - "isHidden": true, + "isHidden": false, "isEnabled": true, "resourceAppId": "65d91a3d-ab74-42e6-8a2f-0add61688c74" }, @@ -5994,7 +6031,7 @@ "id": "546168c3-1183-4281-9491-fafb24dea37e", "scheme": "Application", "environment": "public", - "isHidden": true, + "isHidden": false, "isEnabled": true, "resourceAppId": "65d91a3d-ab74-42e6-8a2f-0add61688c74" } @@ -6779,7 +6816,7 @@ ], "MS-NotificationDeliveryStatus.Read": [ { - "id": "", + "id": "27be99ba-126e-4761-b2f5-c57f031ed705", "scheme": "DelegatedWork", "environment": "", "isHidden": true, @@ -6789,7 +6826,7 @@ ], "MS-NotificationDeliveryStatus.Read.All": [ { - "id": "", + "id": "d6977fee-b6f0-4b4d-b64f-254858bd7991", "scheme": "DelegatedWork", "environment": "", "isHidden": true, @@ -6797,7 +6834,7 @@ "resourceAppId": "3138fe80-4087-4b04-80a6-8866c738028a" }, { - "id": "", + "id": "0d624011-7d4f-43c4-a70b-09c9f11cba09", "scheme": "Application", "environment": "", "isHidden": true, @@ -6807,7 +6844,7 @@ ], "MS-NotificationDeliveryStatus.ReadWrite.All": [ { - "id": "", + "id": "41e4880d-50f7-4f7a-8337-26cec6761b43", "scheme": "Application", "environment": "", "isHidden": true, @@ -7481,7 +7518,7 @@ ], "ManagedIdentity.Create": [ { - "id": "", + "id": "d419de8c-f1db-4863-8142-8092157a73ab", "scheme": "DelegatedWork", "environment": "", "isHidden": true, @@ -7489,7 +7526,7 @@ "resourceAppId": "00000002-0000-0000-c000-000000000000" }, { - "id": "", + "id": "7d0d4d35-fd42-4544-bc95-4790a7b48732", "scheme": "Application", "environment": "", "isHidden": true, @@ -7944,7 +7981,7 @@ "id": "c5d06837-8c0d-42fc-9e49-545e3f941261", "scheme": "Application", "environment": "public", - "isHidden": true, + "isHidden": false, "isEnabled": true, "resourceAppId": "26a18ebc-cdf7-4a6a-91cb-beb352805e81" } @@ -8037,17 +8074,21 @@ ], "OnlineMeeting.Read.Chat": [ { + "id": "f991ed3f-9617-4d8d-b06c-d18d9fcbcf2a", "scheme": "Application", "environment": "public", "isHidden": true, + "isEnabled": true, "resourceAppId": "26a18ebc-cdf7-4a6a-91cb-beb352805e81" } ], "OnlineMeeting.ReadWrite.Chat": [ { + "id": "93400bb4-2282-4371-a745-a86d64c966d0", "scheme": "Application", "environment": "public", "isHidden": true, + "isEnabled": true, "resourceAppId": "26a18ebc-cdf7-4a6a-91cb-beb352805e81" } ], @@ -8255,7 +8296,7 @@ "resourceAppId": "" } ], - "OrganizationalBrandingLocale.Write": [ + "OrganizationalBrandingLocale.ReadWrite": [ { "id": "b0c1f2d6-3a8e-4f5c-9b7d-8e0a1c5f3b2f", "scheme": "DelegatedWork", @@ -8974,7 +9015,7 @@ "id": "a6ff13ac-1851-4993-8ca9-a671d70de2d5", "scheme": "DelegatedWork", "environment": "public", - "isHidden": true, + "isHidden": false, "isEnabled": true, "resourceAppId": "ea890292-c8c8-4433-b5ea-b09d0668e1a6" }, @@ -8982,7 +9023,7 @@ "id": "8e3bc81b-d2f3-4b7b-838c-32c88218d2f0", "scheme": "Application", "environment": "public", - "isHidden": true, + "isHidden": false, "isEnabled": true, "resourceAppId": "ea890292-c8c8-4433-b5ea-b09d0668e1a6" } @@ -10299,6 +10340,24 @@ "resourceAppId": "" } ], + "RealTimeActivityFeed.Read.All": [ + { + "id": "", + "scheme": "DelegatedWork", + "environment": "public", + "isHidden": true, + "isEnabled": false, + "resourceAppId": "74658136-14ec-4630-ad9b-26e160ff0fc6" + }, + { + "id": "", + "scheme": "Application", + "environment": "public", + "isHidden": true, + "isEnabled": false, + "resourceAppId": "74658136-14ec-4630-ad9b-26e160ff0fc6" + } + ], "RecordsManagement.Read.All": [ { "id": "07f995eb-fc67-4522-ad66-2b8ca8ea3efd", @@ -10471,7 +10530,7 @@ ], "ResponderFormBody.Read.All": [ { - "id": "", + "id": "8b39a9fb-af2e-4cb7-88b0-ec76054a1395", "scheme": "DelegatedWork", "environment": "public", "isHidden": true, @@ -10479,7 +10538,7 @@ "resourceAppId": "c9a559d2-7aab-4f13-a6ed-e7e9c52aec87" }, { - "id": "", + "id": "9115b337-3bcb-435b-a414-a0c30d385da4", "scheme": "Application", "environment": "public", "isHidden": true, @@ -10489,7 +10548,7 @@ ], "ResponderFormResponse.ReadWrite.All": [ { - "id": "", + "id": "96d47b5c-1ffa-4952-a9a9-c3dd879a243b", "scheme": "DelegatedWork", "environment": "public", "isHidden": true, @@ -10497,7 +10556,7 @@ "resourceAppId": "c9a559d2-7aab-4f13-a6ed-e7e9c52aec87" }, { - "id": "", + "id": "4e1c1788-4d07-46d3-9ecc-04e5f45d7de7", "scheme": "Application", "environment": "public", "isHidden": true, @@ -11270,7 +11329,7 @@ "id": "84499c31-ac2e-44d3-a0cf-a6c386d4dfe8", "scheme": "DelegatedWork", "environment": "public", - "isHidden": true, + "isHidden": false, "isEnabled": true, "resourceAppId": "bb3d68c2-d09e-4455-94a0-e323996dbaa3" }, @@ -11288,7 +11347,7 @@ "id": "206291b0-2167-47a7-a640-6cdc1df710ba", "scheme": "DelegatedWork", "environment": "public", - "isHidden": true, + "isHidden": false, "isEnabled": true, "resourceAppId": "bb3d68c2-d09e-4455-94a0-e323996dbaa3" }, @@ -11540,7 +11599,7 @@ "id": "3e9ed69a-a48e-473c-8b97-413016703a37", "scheme": "DelegatedWork", "environment": "public", - "isHidden": true, + "isHidden": false, "isEnabled": true, "resourceAppId": "8ee8fdad-f234-4243-8f3b-15c294843740" }, @@ -11548,7 +11607,7 @@ "id": "c5bc96f5-b4a1-4cfc-8189-d5f0d772278f", "scheme": "Application", "environment": "public", - "isHidden": true, + "isHidden": false, "isEnabled": true, "resourceAppId": "8ee8fdad-f234-4243-8f3b-15c294843740" } @@ -11558,7 +11617,7 @@ "id": "818229ce-20e4-47bd-92f4-bc94dbb37a56", "scheme": "DelegatedWork", "environment": "public", - "isHidden": true, + "isHidden": false, "isEnabled": true, "resourceAppId": "8ee8fdad-f234-4243-8f3b-15c294843740" }, @@ -11566,7 +11625,7 @@ "id": "af2bf46f-7bf1-4be3-8bad-e17e279e8462", "scheme": "Application", "environment": "public", - "isHidden": true, + "isHidden": false, "isEnabled": true, "resourceAppId": "8ee8fdad-f234-4243-8f3b-15c294843740" } @@ -11907,21 +11966,21 @@ ], "AgentIdentity.Create": [ { - "id": "", + "id": "2c4c43c7-1903-4658-a911-b8f2bb31e32e", "scheme": "Application", "environment": "", - "isHidden": true, - "isEnabled": false, + "isHidden": false, + "isEnabled": true, "resourceAppId": "00000003-0000-0000-c000-00000000000" } ], "ServicePrincipal.Manage.OwnedBy": [ { - "id": "", + "id": "6930b171-5cf8-4865-ba0f-cfce959d1bca", "scheme": "Application", "environment": "PPE;public", "isHidden": true, - "isEnabled": false, + "isEnabled": true, "resourceAppId": "00000003-0000-0000-c000-000000000000" } ], @@ -11963,7 +12022,7 @@ ], "ServicePrincipal.ReadEnableDisable.All": [ { - "id": "", + "id": "8e591f11-26b7-4914-9d76-eb681414196e", "scheme": "DelegatedWork", "environment": "", "isHidden": true, @@ -11971,7 +12030,7 @@ "resourceAppId": "00000002-0000-0000-c000-000000000000" }, { - "id": "", + "id": "940cb743-c02b-4015-a2a8-86c5f34c982b", "scheme": "Application", "environment": "", "isHidden": true, @@ -11981,7 +12040,7 @@ ], "ServicePrincipal.ManageCreds.All": [ { - "id": "", + "id": "9b283fe8-a581-4b55-b7fb-c1eb1dc5ca3e", "scheme": "DelegatedWork", "environment": "", "isHidden": true, @@ -11989,7 +12048,7 @@ "resourceAppId": "00000002-0000-0000-c000-000000000000" }, { - "id": "", + "id": "b47044e9-7f58-4f3e-ba1d-ee242c7192f8", "scheme": "Application", "environment": "", "isHidden": true, @@ -12075,7 +12134,7 @@ ], "SignInIdentifier.Read.All": [ { - "id": "", + "id": "458e1edc-1e75-438c-8c7b-c32115c9d373", "scheme": "DelegatedWork", "environment": "public", "isHidden": false, @@ -12083,7 +12142,7 @@ "resourceAppId": "bb2a2e3a-c5e7-4f0a-88e0-8e01fd3fc1f4" }, { - "id": "", + "id": "28e1fe78-598f-4df4-b55e-18bf34218925", "scheme": "Application", "environment": "public", "isHidden": false, @@ -12093,15 +12152,15 @@ ], "SignInIdentifier.ReadWrite.All": [ { - "id": "", + "id": "b4673c3c-7b5a-4012-9826-7c7e3c8db6af", "scheme": "DelegatedWork", "environment": "public", - "isHidden": false, + "isHidden": false, "isEnabled": true, "resourceAppId": "bb2a2e3a-c5e7-4f0a-88e0-8e01fd3fc1f4" }, { - "id": "", + "id": "7fc588a2-ea2d-4d1f-bcf7-33c324b149b8", "scheme": "Application", "environment": "public", "isHidden": false, @@ -14850,7 +14909,7 @@ "id": "61e8a09a-087f-4e36-8c8c-1c77c5228017", "scheme": "DelegatedWork", "environment": "public", - "isHidden": true, + "isHidden": false, "isEnabled": true, "resourceAppId": "" }, @@ -15108,7 +15167,7 @@ "id": "298266a0-fbf7-4804-b988-5a54e61566c8", "scheme": "Application", "environment": "public", - "isHidden": true, + "isHidden": false, "isEnabled": true, "resourceAppId": "26a18ebc-cdf7-4a6a-91cb-beb352805e81" } @@ -15118,7 +15177,7 @@ "id": "0e646cc8-6b07-4030-9a41-a7db4644b4cc", "scheme": "Application", "environment": "public", - "isHidden": true, + "isHidden": false, "isEnabled": true, "resourceAppId": "26a18ebc-cdf7-4a6a-91cb-beb352805e81" } @@ -15469,30 +15528,30 @@ ], "VerifiedId-Profile.Read.All": [ { - "id": "3da0bc58-040a-4423-ae60-cfb849edc620", + "id": "604b2056-41ed-4c56-aad5-1241d4ef7333", "scheme": "DelegatedWork", "environment": "public", "isHidden": true, "isEnabled": true, - "resourceAppId": "93625bc8-bfe2-437a-97e0-3d0060024faa" + "resourceAppId": "ea890292-c8c8-4433-b5ea-b09d0668e1a6" }, { - "id": "db1ab09f-19aa-42fb-a75e-502bbe395625", + "id": "e227c591-dd64-4a8a-a033-816167f7c938", "scheme": "Application", "environment": "public", "isHidden": true, "isEnabled": true, - "resourceAppId": "93625bc8-bfe2-437a-97e0-3d0060024faa" + "resourceAppId": "ea890292-c8c8-4433-b5ea-b09d0668e1a6" } ], "VerifiedId-Profile.ReadWrite.All": [ { - "id": "13a7d4a4-5c13-442f-bbbd-b995d620b27d", + "id": "e4a9cb5e-4767-48f8-9029-decf26a54456", "scheme": "DelegatedWork", "environment": "public", "isHidden": true, "isEnabled": true, - "resourceAppId": "93625bc8-bfe2-437a-97e0-3d0060024faa" + "resourceAppId": "ea890292-c8c8-4433-b5ea-b09d0668e1a6" } ] } diff --git a/permissions/new/permissions.json b/permissions/new/permissions.json index d03f5ccb..a6b475ca 100644 --- a/permissions/new/permissions.json +++ b/permissions/new/permissions.json @@ -545,6 +545,66 @@ "ownerSecurityGroup": "DirectoryPreAuthZReq" } }, + "AgentApplication.Create": { + "authorizationType": "oAuth2", + "schemes": { + "Application": { + "adminDisplayName": "Create agent applications.", + "adminDescription": "Allows creating new agent applications and their associated service principals.", + "requiresAdminConsent": true, + "privilegeLevel": 4 + } + }, + "pathSets": [ + { + "schemeKeys": [ + "Application" + ], + "methods": [ + "POST" + ], + "paths": { + "/applications": "", + "/applications/graph.agentApplication": "least=Application", + "/servicePrincipals": "", + "/servicePrincipals/graph.agentServicePrincipal": "" + } + } + ], + "ownerInfo": { + "ownerSecurityGroup": "idappcore" + } + }, + "AgentIdentity.Create": { + "authorizationType": "oAuth2", + "schemes": { + "Application": { + "adminDisplayName": "Create agent identities linked to itself.", + "adminDescription": "Allows the app to create linked agent identities without a signed-in user.", + "requiresAdminConsent": true, + "privilegeLevel": 4 + } + }, + "pathSets": [ + { + "schemeKeys": [ + "Application" + ], + "methods": [ + "POST" + ], + "paths": { + "/serviceprincipals": "", + "/servicePrincipals(appid={value})/graph.agentServicePrincipal/identities": "least=Application", + "/servicePrincipals/{id}/graph.agentServicePrincipal/identities": "least=Application", + "/servicePrincipals/graph.agentIdentity": "least=Application" + } + } + ], + "ownerInfo": { + "ownerSecurityGroup": "idappcore" + } + }, "Agreement.Read.All": { "authorizationType": "oAuth2", "schemes": { @@ -19065,6 +19125,43 @@ "ownerSecurityGroup": "ve-msgraph-owners" } }, + "EngagementMeetingConversation.Read.All": { + "authorizationType": "oAuth2", + "schemes": { + "DelegatedWork": { + "adminDisplayName": "Read all Teams Q\u0026A conversations", + "adminDescription": "Allows an app to read all Teams Q\u0026A conversations and their properties on behalf of the signed-in user", + "userDisplayName": "Read all Teams Q\u0026A conversations", + "userDescription": "Allows the app to list Teams Q\u0026A conversations, and to read their properties on your behalf.", + "requiresAdminConsent": true, + "privilegeLevel": 2 + }, + "Application": { + "adminDisplayName": "Read all Teams Q\u0026A conversations", + "adminDescription": "Allows the app to list Teams Q\u0026A conversations, and to read their properties without a signed-in user.", + "requiresAdminConsent": true, + "privilegeLevel": 4 + } + }, + "pathSets": [ + { + "schemeKeys": [ + "DelegatedWork", + "Application" + ], + "methods": [ + "GET" + ], + "paths": { + "/communications/getAllOnlineMeetingMessages": "least=DelegatedWork,Application", + "/communications/onlineMeetingConversations/conversations/{id}/messages/{id}/reactions": "least=DelegatedWork,Application" + } + } + ], + "ownerInfo": { + "ownerSecurityGroup": "ve-msgraph-owners" + } + }, "EngagementRole.Read": { "authorizationType": "oAuth2", "schemes": { @@ -23434,227 +23531,6 @@ "ownerSecurityGroup": "GraphSPOApprovers" } }, - "FileStorageContainerType.Manage.All": { - "authorizationType": "oAuth2", - "schemes": { - "DelegatedWork": { - "adminDisplayName": "Manage file storage container types on behalf of the signed in user", - "adminDescription": "Allows the application to manage file storage container types on behalf of the signed in user. The user must be a SharePoint Embedded Admin or Global Admin.", - "userDisplayName": "Manage file storage container types on your behalf", - "userDescription": "Allows the app to access a subset of storage container types on your behalf. You must be a SharePoint Embedded Admin or Global Admin.", - "requiresAdminConsent": false, - "privilegeLevel": 3 - } - }, - "pathSets": [ - { - "schemeKeys": [ - "DelegatedWork" - ], - "methods": [ - "POST" - ], - "paths": { - "/storage/fileStorage/containerTypes": "least=DelegatedWork" - } - }, - { - "schemeKeys": [ - "DelegatedWork" - ], - "methods": [ - "GET" - ], - "paths": { - "/storage/fileStorage/containerTypes": "least=DelegatedWork", - "/storage/fileStorage/containerTypes/{id}": "least=DelegatedWork" - } - }, - { - "schemeKeys": [ - "DelegatedWork" - ], - "methods": [ - "PATCH" - ], - "paths": { - "/storage/fileStorage/containerTypes/{id}": "least=DelegatedWork" - } - }, - { - "schemeKeys": [ - "DelegatedWork" - ], - "methods": [ - "DELETE" - ], - "paths": { - "/storage/fileStorage/containerTypes/{id}": "least=DelegatedWork" - } - } - ], - "ownerInfo": { - "ownerSecurityGroup": "GraphSPOApprovers" - } - }, - "FileStorageContainerTypeReg.Manage.All": { - "authorizationType": "oAuth2", - "schemes": { - "DelegatedWork": { - "adminDisplayName": "Manage file storage container type registrations on behalf of the signed in user", - "adminDescription": "Allows the application to manage file storage container type registrations on behalf of the signed in user. The user must be a SharePoint Embedded Admin or Global Admin.", - "userDisplayName": "Manage file storage container type registrations on your behalf", - "userDescription": "Allows the app to access a subset of storage container type registrations on your behalf. You must be a SharePoint Embedded Admin or Global Admin.", - "requiresAdminConsent": false, - "privilegeLevel": 3 - } - }, - "pathSets": [ - { - "schemeKeys": [ - "DelegatedWork" - ], - "methods": [ - "PUT" - ], - "paths": { - "/storage/fileStorage/containerTypeRegistrations": "least=DelegatedWork", - "/storage/fileStorage/containerTypeRegistrations/{id}/applicationPermissionGrants": "least=DelegatedWork", - "/storage/fileStorage/containerTypeRegistrations/{id}/applicationPermissionGrants/{id}": "least=DelegatedWork" - } - }, - { - "schemeKeys": [ - "DelegatedWork" - ], - "methods": [ - "GET" - ], - "paths": { - "/storage/fileStorage/containerTypeRegistrations/{id}": "least=DelegatedWork", - "/storage/fileStorage/containerTypeRegistrations/{id}/applicationPermissionGrants/{id}": "least=DelegatedWork" - } - }, - { - "schemeKeys": [ - "DelegatedWork" - ], - "methods": [ - "GET" - ], - "paths": { - "/storage/fileStorage/containerTypeRegistrations": "least=DelegatedWork", - "/storage/fileStorage/containerTypeRegistrations/{id}/applicationPermissionGrants": "least=DelegatedWork" - } - }, - { - "schemeKeys": [ - "DelegatedWork" - ], - "methods": [ - "PATCH" - ], - "paths": { - "/storage/fileStorage/containerTypeRegistrations/{id}": "least=DelegatedWork", - "/storage/fileStorage/containerTypeRegistrations/{id}/applicationPermissionGrants/{id}": "least=DelegatedWork" - } - }, - { - "schemeKeys": [ - "DelegatedWork" - ], - "methods": [ - "DELETE" - ], - "paths": { - "/storage/fileStorage/containerTypeRegistrations/{id}": "least=DelegatedWork", - "/storage/fileStorage/containerTypeRegistrations/{id}/applicationPermissionGrants/{id}": "least=DelegatedWork" - } - } - ], - "ownerInfo": { - "ownerSecurityGroup": "GraphSPOApprovers" - } - }, - "FileStorageContainerTypeReg.Selected": { - "authorizationType": "oAuth2", - "schemes": { - "DelegatedWork": { - "adminDisplayName": "Access selected file storage container type registrations.", - "adminDescription": "Allows the application to manage selected file storage container type registrations on behalf of the signed in user. The user must be a SharePoint Embedded Admin or Global Admin.", - "userDisplayName": "Access selected file storage container type registrations.", - "userDescription": "Allows the application to manage selected file storage container type registrations on your behalf. You must be a SharePoint Embedded Admin or Global Admin.", - "requiresAdminConsent": false, - "privilegeLevel": 2 - }, - "Application": { - "adminDisplayName": "Access selected file storage container type registrations.", - "adminDescription": "Allows the application to manage file storage container type registrations without a signed-in user.", - "requiresAdminConsent": true, - "privilegeLevel": 3 - } - }, - "pathSets": [ - { - "schemeKeys": [ - "DelegatedWork", - "Application" - ], - "methods": [ - "PUT" - ], - "paths": { - "/storage/fileStorage/containerTypeRegistrations": "least=DelegatedWork,Application", - "/storage/fileStorage/containerTypeRegistrations/{id}/applicationPermissionGrants": "least=DelegatedWork,Application", - "/storage/fileStorage/containerTypeRegistrations/{id}/applicationPermissionGrants/{id}": "least=DelegatedWork,Application" - } - }, - { - "schemeKeys": [ - "DelegatedWork", - "Application" - ], - "methods": [ - "GET" - ], - "paths": { - "/storage/fileStorage/containerTypeRegistrations": "least=DelegatedWork,Application", - "/storage/fileStorage/containerTypeRegistrations/{id}": "least=DelegatedWork,Application", - "/storage/fileStorage/containerTypeRegistrations/{id}/applicationPermissionGrants": "least=DelegatedWork,Application", - "/storage/fileStorage/containerTypeRegistrations/{id}/applicationPermissionGrants/{id}": "least=DelegatedWork,Application" - } - }, - { - "schemeKeys": [ - "DelegatedWork", - "Application" - ], - "methods": [ - "PATCH" - ], - "paths": { - "/storage/fileStorage/containerTypeRegistrations/{id}": "least=DelegatedWork,Application", - "/storage/fileStorage/containerTypeRegistrations/{id}/applicationPermissionGrants/{id}": "least=DelegatedWork,Application" - } - }, - { - "schemeKeys": [ - "DelegatedWork", - "Application" - ], - "methods": [ - "DELETE" - ], - "paths": { - "/storage/fileStorage/containerTypeRegistrations/{id}": "least=DelegatedWork,Application", - "/storage/fileStorage/containerTypeRegistrations/{id}/applicationPermissionGrants/{id}": "least=DelegatedWork,Application" - } - } - ], - "ownerInfo": { - "ownerSecurityGroup": "GraphSPOApprovers" - } - }, "Financials.ReadWrite.All": { "authorizationType": "oAuth2", "schemes": { @@ -24915,6 +24791,137 @@ "ownerSecurityGroup": "IdentityReq" } }, + "GroupSettings.Read.All": { + "authorizationType": "oAuth2", + "schemes": { + "DelegatedWork": { + "adminDisplayName": "Read all group settings that user can access", + "adminDescription": "Allows the app to read a list of tenant-level or group-specific group settings objects, on behalf of the signed-in user.", + "userDisplayName": "Read all group settings that user can access", + "userDescription": "Allows the app to read a list of tenant-level or group-specific group settings objects, on your behalf.", + "requiresAdminConsent": true, + "privilegeLevel": 4 + }, + "Application": { + "adminDisplayName": "Read all group settings", + "adminDescription": "Allows the app to read a list of tenant-level or group-specific group settings objects, without a signed-in user.", + "requiresAdminConsent": true, + "privilegeLevel": 4 + } + }, + "pathSets": [ + { + "schemeKeys": [ + "DelegatedWork", + "Application" + ], + "methods": [ + "GET" + ], + "paths": { + "/directorysettingtemplates": "least=DelegatedWork,Application", + "/directorysettingtemplates/{id}": "least=DelegatedWork,Application", + "/groups/{id}/settings": "least=DelegatedWork,Application", + "/groups/{id}/settings/{id}": "least=DelegatedWork,Application", + "/groupsettings": "least=DelegatedWork,Application", + "/groupsettings/{id}": "least=DelegatedWork,Application", + "/groupsettingtemplates": "least=DelegatedWork,Application", + "/groupsettingtemplates/{id}": "least=DelegatedWork,Application", + "/settings": "least=DelegatedWork,Application", + "/settings/{id}": "least=DelegatedWork,Application" + } + } + ], + "ownerInfo": { + "ownerSecurityGroup": "AADGroupsPreAuth" + } + }, + "GroupSettings.ReadWrite.All": { + "authorizationType": "oAuth2", + "schemes": { + "DelegatedWork": { + "adminDisplayName": "Read and write all group settings that user can access", + "adminDescription": "Allows the app to create, read, update, and delete on the list of tenant-level or group-specific group settings objects that you have access to in the organization, on behalf of the signed-in user.", + "userDisplayName": "Read and write all group settings that user can access", + "userDescription": "Allows the app to create, read, update, and delete on the list of tenant-level or group-specific group settings objects that you have access to in the organization, on your behalf.", + "requiresAdminConsent": true, + "privilegeLevel": 4 + }, + "Application": { + "adminDisplayName": "Read and write all group settings", + "adminDescription": "Allows the app to create, read, update, and delete on the list of tenant-level or group-specific group settings objects, without a signed-in user.", + "requiresAdminConsent": true, + "privilegeLevel": 4 + } + }, + "pathSets": [ + { + "schemeKeys": [ + "DelegatedWork", + "Application" + ], + "methods": [ + "GET" + ], + "paths": { + "/directorysettingtemplates": "", + "/directorysettingtemplates/{id}": "", + "/groups/{id}/settings": "", + "/groups/{id}/settings/{id}": "", + "/groupsettings": "least=DelegatedWork,Application", + "/groupsettings/{id}": "least=DelegatedWork,Application", + "/groupsettingtemplates": "", + "/groupsettingtemplates/{id}": "", + "/settings": "least=DelegatedWork,Application", + "/settings/{id}": "least=DelegatedWork,Application" + } + }, + { + "schemeKeys": [ + "DelegatedWork", + "Application" + ], + "methods": [ + "POST" + ], + "paths": { + "/groups/{id}/settings": "least=DelegatedWork,Application", + "/groups/{id}/settings/{id}": "least=DelegatedWork,Application", + "/groupsettings": "least=DelegatedWork,Application", + "/settings": "least=DelegatedWork,Application" + } + }, + { + "schemeKeys": [ + "DelegatedWork", + "Application" + ], + "methods": [ + "DELETE", + "PATCH" + ], + "paths": { + "/groups/{id}/settings/{id}": "least=DelegatedWork,Application", + "/groupsettings/{id}": "least=DelegatedWork,Application", + "/settings/{id}": "least=DelegatedWork,Application" + } + }, + { + "schemeKeys": [ + "Application" + ], + "methods": [ + "GET" + ], + "paths": { + "/group/{id}/settings": "least=Application" + } + } + ], + "ownerInfo": { + "ownerSecurityGroup": "AADGroupsPreAuth" + } + }, "HealthMonitoringAlert.Read.All": { "authorizationType": "oAuth2", "schemes": { @@ -30583,6 +30590,41 @@ "ownerSecurityGroup": "RtsAvengersSG" } }, + "OnlineMeetingArtifact.Read.Chat": { + "authorizationType": "RSC", + "schemes": { + "Application": { + "adminDisplayName": "Read virtual event artifacts", + "adminDescription": "Read attendance reports \u0026 attendance records for this webinar or town hall.", + "requiresAdminConsent": false, + "privilegeLevel": 2 + } + }, + "pathSets": [ + { + "schemeKeys": [ + "Application" + ], + "methods": [ + "GET" + ], + "paths": { + "/me/onlineMeetings/{meetingId}/attendanceReports": "", + "/me/onlineMeetings/{meetingId}/attendanceReports/{reportId}": "", + "/me/onlineMeetings/{meetingId}/attendanceReports/{reportId}/attendanceRecords": "", + "/solutions/virtualEvents/webinars/{webinarId}/sessions/{sessionId}/attendanceReports": "least=Application", + "/solutions/virtualEvents/webinars/{webinarId}/sessions/{sessionId}/attendanceReports/{reportId}": "least=Application", + "/solutions/virtualEvents/webinars/{webinarId}/sessions/{sessionId}/attendanceReports/{reportId}/attendanceRecords": "least=Application", + "/users/{userId}/onlineMeetings/{meetingId}/attendanceReports": "", + "/users/{userId}/onlineMeetings/{meetingId}/attendanceReports/{reportId}": "", + "/users/{userId}/onlineMeetings/{meetingId}/attendanceReports/{reportId}/attendanceRecords": "" + } + } + ], + "ownerInfo": { + "ownerSecurityGroup": "RtsAvengersSG" + } + }, "OnlineMeetingRecording.Read.All": { "authorizationType": "oAuth2", "schemes": { @@ -33194,6 +33236,63 @@ "ownerSecurityGroup": "idappcore" } }, + "Policy.Read.AuthenticationMethod": { + "authorizationType": "oAuth2", + "schemes": { + "DelegatedWork": { + "adminDisplayName": "Read authentication method policies", + "adminDescription": "Allows the app to read the authentication method policies, on behalf of the signed-in user. ", + "userDisplayName": "Read your authentication method policies ", + "userDescription": "Allows the app to read the authentication method policies for your tenant, on your behalf.", + "requiresAdminConsent": true, + "privilegeLevel": 3 + }, + "Application": { + "adminDisplayName": "Read authentication method policies", + "adminDescription": "Allows the app to read all authentication method policies for the tenant, without a signed-in user. ", + "requiresAdminConsent": true, + "privilegeLevel": 4 + } + }, + "pathSets": [ + { + "schemeKeys": [ + "DelegatedWork", + "Application" + ], + "methods": [ + "GET" + ], + "paths": { + "/identity/conditionalaccess/authenticationstrength/authenticationmethodmodes": "least=DelegatedWork,Application", + "/identity/conditionalaccess/authenticationstrength/authenticationmethodmodes/{id}": "least=DelegatedWork,Application", + "/identity/conditionalaccess/authenticationstrength/combinations": "least=DelegatedWork,Application", + "/identity/conditionalaccess/authenticationstrength/policies/{id}/combinationconfigurations": "least=DelegatedWork,Application", + "/identity/conditionalaccess/authenticationstrength/policies/{id}/combinationconfigurations/{id}": "least=DelegatedWork,Application", + "/policies/authenticationmethodspolicy": "least=DelegatedWork,Application", + "/policies/authenticationMethodsPolicy/authenticationMethodConfigurations/{id}": "least=DelegatedWork,Application", + "/policies/authenticationmethodspolicy/authenticationmethodconfigurations/email": "least=DelegatedWork,Application", + "/policies/authenticationmethodspolicy/authenticationmethodconfigurations/federatedIdentityCredential": "least=DelegatedWork,Application", + "/policies/authenticationmethodspolicy/authenticationmethodconfigurations/fido2": "least=DelegatedWork,Application", + "/policies/authenticationmethodspolicy/authenticationmethodconfigurations/hardwareoath": "least=DelegatedWork,Application", + "/policies/authenticationmethodspolicy/authenticationmethodconfigurations/microsoftauthenticator": "least=DelegatedWork,Application", + "/policies/authenticationmethodspolicy/authenticationmethodconfigurations/qrcodepin": "least=DelegatedWork,Application", + "/policies/authenticationmethodspolicy/authenticationmethodconfigurations/sms": "least=DelegatedWork,Application", + "/policies/authenticationmethodspolicy/authenticationmethodconfigurations/softwareoath": "least=DelegatedWork,Application", + "/policies/authenticationmethodspolicy/authenticationmethodconfigurations/temporaryaccesspass": "least=DelegatedWork,Application", + "/policies/authenticationmethodspolicy/authenticationmethodconfigurations/voice": "least=DelegatedWork,Application", + "/policies/authenticationmethodspolicy/authenticationmethodconfigurations/x509certificate": "least=DelegatedWork,Application", + "/policies/authenticationstrengthpolicies": "least=DelegatedWork,Application", + "/policies/authenticationstrengthpolicies/{id}": "least=DelegatedWork,Application", + "/policies/authenticationstrengthpolicies/{id}/usage": "least=DelegatedWork,Application", + "/policies/authenticationstrengthpolicies/findbymethodmode(authenticationmethodmodes={value})": "least=DelegatedWork,Application" + } + } + ], + "ownerInfo": { + "ownerSecurityGroup": "AuthMethodProvTeam" + } + }, "Policy.Read.B2BManagementPolicy": { "authorizationType": "oAuth2", "schemes": { @@ -39978,6 +40077,78 @@ "ownerSecurityGroup": "secgraphschema" } }, + "SecurityIdentitiesAccount.Read.All": { + "authorizationType": "oAuth2", + "schemes": { + "DelegatedWork": { + "adminDisplayName": "Read identity security available identity accounts", + "adminDescription": "Allows the app to read all the identity security available identity accounts", + "userDisplayName": "Read identity security available identity accounts", + "userDescription": "Allows the app to read all the identity security available identity accounts on your behalf.", + "requiresAdminConsent": true, + "privilegeLevel": 3 + }, + "Application": { + "adminDisplayName": "Read all identity security available identity accounts", + "adminDescription": "Allows the app to read all the identity security available identity accounts without a signed-in user.", + "requiresAdminConsent": true, + "privilegeLevel": 4 + } + }, + "pathSets": [ + { + "schemeKeys": [ + "DelegatedWork", + "Application" + ], + "methods": [ + "GET" + ], + "paths": { + "/security/identities/identityAccounts": "least=DelegatedWork,Application", + "/security/identities/identityAccounts/{id}": "least=DelegatedWork,Application" + } + } + ], + "ownerInfo": { + "ownerSecurityGroup": "tri-msgraph" + } + }, + "SecurityIdentitiesActions.ReadWrite.All": { + "schemes": { + "DelegatedWork": { + "adminDisplayName": "Read and perform identity security available actions", + "adminDescription": "Allows the app to read and write identity security available actions on behalf of the signed-in identity.", + "userDisplayName": "Read and perform identity security available actions", + "userDescription": "Allows the app to read and write identity security available actions on your behalf.", + "requiresAdminConsent": true, + "privilegeLevel": 3 + }, + "Application": { + "adminDisplayName": "Read and perform all identity security available actions", + "adminDescription": "Allows the app to read and write identity security available actions without a signed-in user.", + "requiresAdminConsent": true, + "privilegeLevel": 4 + } + }, + "pathSets": [ + { + "schemeKeys": [ + "DelegatedWork", + "Application" + ], + "methods": [ + "POST" + ], + "paths": { + "/security/identities/identityAccounts/{id}/invokeActions": "least=DelegatedWork,Application" + } + } + ], + "ownerInfo": { + "ownerSecurityGroup": "tri-msgraph" + } + }, "SecurityIdentitiesHealth.Read.All": { "authorizationType": "oAuth2", "schemes": { @@ -41232,7 +41403,8 @@ "/sites/{id}/lists/{id}/permissions": "", "/sites/{id}/operations": "", "/sites/{id}/operations/{id}": "", - "/sites/{id}/permissions": "least=DelegatedWork,Application" + "/sites/{id}/permissions": "least=DelegatedWork,Application", + "/sites/{id}/searchCustomIndex(q={value})": "" } }, { @@ -41779,6 +41951,7 @@ "/sites/{id}/pages/{id}/webparts/{id}/getpositionofwebpart": "least=DelegatedWork,Application", "/sites/{id}/pageTemplates": "least=DelegatedWork,Application", "/sites/{id}/pageTemplates/{id}": "least=DelegatedWork,Application", + "/sites/{id}/searchCustomIndex(q={value})": "least=DelegatedWork,Application", "/sites/{id}/settings": "least=DelegatedWork,Application", "/sites/{id}/sites": "least=DelegatedWork,Application", "/sites/root": "least=DelegatedWork,Application", @@ -42199,6 +42372,7 @@ "/sites/{id}/pages/{id}/webparts": "", "/sites/{id}/pages/{id}/webparts/{id}": "", "/sites/{id}/pages/{id}/webparts/{id}/getpositionofwebpart": "", + "/sites/{id}/searchCustomIndex(q={value})": "", "/sites/{id}/settings": "", "/sites/{id}/sites": "", "/sites/root": "", @@ -52246,6 +52420,45 @@ "ownerSecurityGroup": "mfateam" } }, + "UserCloudClipboard.Read": { + "authorizationType": "oAuth2", + "schemes": { + "DelegatedWork": { + "adminDisplayName": "Read cloud clipboard items", + "adminDescription": "Allows the app to read cloud clipboard data on behalf of the signed-in user.", + "userDisplayName": "Read cloud clipboard items", + "userDescription": "Allows the app to read your cloud clipboard items.", + "requiresAdminConsent": false + }, + "DelegatedPersonal": { + "adminDisplayName": "Read cloud clipboard items", + "adminDescription": "Allows the app to read cloud clipboard data on behalf of the signed-in user.", + "userDisplayName": "Read cloud clipboard items", + "userDescription": "Allows the app to read your cloud clipboard items.", + "requiresAdminConsent": false + } + }, + "pathSets": [ + { + "schemeKeys": [ + "DelegatedWork", + "DelegatedPersonal" + ], + "methods": [ + "GET" + ], + "paths": { + "/me/cloudClipboard/items": "least=DelegatedWork,DelegatedPersonal", + "/me/cloudClipboard/items/{id}": "least=DelegatedWork,DelegatedPersonal", + "/users/{id}/cloudClipboard/items": "least=DelegatedWork,DelegatedPersonal", + "/users/{id}/cloudClipboard/items/{id}": "least=DelegatedWork,DelegatedPersonal" + } + } + ], + "ownerInfo": { + "ownerSecurityGroup": "afsdev" + } + }, "UserShiftPreferences.Read.All": { "authorizationType": "oAuth2", "schemes": { @@ -52660,6 +52873,37 @@ "ownerSecurityGroup": "RtsAvengersSG" } }, + "VirtualEvent.Read.Chat": { + "authorizationType": "RSC", + "schemes": { + "Application": { + "adminDisplayName": "Read virtual event details", + "adminDescription": "Read information for this webinars or town halls, including schedules, speakers, and event settings and webinar registrations.", + "requiresAdminConsent": false, + "privilegeLevel": 2 + } + }, + "pathSets": [ + { + "schemeKeys": [ + "Application" + ], + "methods": [ + "GET" + ], + "paths": { + "/solutions/virtualEvents/townhalls/{id}": "least=Application", + "/solutions/virtualEvents/webinars/{id}": "least=Application", + "/solutions/virtualEvents/webinars/{id}/registrations": "least=Application", + "/solutions/virtualEvents/webinars/{id}/registrations/{id}": "least=Application", + "/solutions/virtualEvents/webinars/{webinarId}/registrations/{registrationId}/sessions": "least=Application" + } + } + ], + "ownerInfo": { + "ownerSecurityGroup": "RtsAvengersSG" + } + }, "VirtualEvent.ReadWrite": { "authorizationType": "oAuth2", "schemes": { @@ -52784,6 +53028,34 @@ "ownerSecurityGroup": "RtsAvengersSG" } }, + "VirtualEventRegistration-Anon.ReadWrite.Chat": { + "authorizationType": "RSC", + "schemes": { + "Application": { + "adminDisplayName": "Manage virtual event registrations", + "adminDescription": "Register attendees and cancel registrations for this webinar.", + "requiresAdminConsent": false, + "privilegeLevel": 2 + } + }, + "pathSets": [ + { + "schemeKeys": [ + "Application" + ], + "methods": [ + "POST" + ], + "paths": { + "/solutions/virtualEvents/webinars/{webinarId}/registrations": "least=Application", + "/solutions/virtualEvents/webinars/{webinarId}/registrations/{registrationId}/cancel": "least=Application" + } + } + ], + "ownerInfo": { + "ownerSecurityGroup": "RtsAvengersSG" + } + }, "WindowsUpdates.ReadWrite.All": { "authorizationType": "oAuth2", "schemes": {