diff --git a/azure-pipelines/publishSamples.yml b/azure-pipelines/publishSamples.yml index 90420e31..b2349c1e 100644 --- a/azure-pipelines/publishSamples.yml +++ b/azure-pipelines/publishSamples.yml @@ -10,7 +10,7 @@ trigger: branches: include: - master - - dev + # - dev add dev back once we have staging setup paths: include: - 'samples-queries/**' diff --git a/permissions/new/permissions.json b/permissions/new/permissions.json index b8d48911..0ef48328 100644 --- a/permissions/new/permissions.json +++ b/permissions/new/permissions.json @@ -3426,6 +3426,17 @@ "/backupRestore/protectionUnits/{protectionUnitId}": "" } }, + { + "schemeKeys": [ + "DelegatedWork" + ], + "methods": [ + "PATCH" + ], + "paths": { + "/backupRestore/protectionUnits/{protectionUnitId}": "least=DelegatedWork" + } + }, { "schemeKeys": [ "DelegatedWork", @@ -16681,7 +16692,6 @@ "/users/{id}/directreports": "", "/users/{id}/joinedteams": "", "/users/{id}/licensedetails": "", - "/users/{id}/licenseDetails/getTeamsLicensingDetails": "", "/users/{id}/manager": "", "/users/{id}/memberof": "least=Application", "/users/{id}/oauth2permissiongrants": "least=DelegatedWork,Application", @@ -16730,7 +16740,8 @@ "/me/registereddevices": "", "/me/scopedrolememberof": "least=DelegatedWork", "/me/transitivememberof": "", - "/privilegedroleassignmentrequests": "least=DelegatedWork" + "/privilegedroleassignmentrequests": "least=DelegatedWork", + "/users/{id}/licenseDetails/getTeamsLicensingDetails": "" } }, { @@ -16966,7 +16977,6 @@ "/users/{id}/directreports": "", "/users/{id}/joinedteams": "", "/users/{id}/licensedetails": "", - "/users/{id}/licenseDetails/getTeamsLicensingDetails": "", "/users/{id}/memberof": "", "/users/{id}/owneddevices": "", "/users/{id}/ownedobjects": "", @@ -17108,7 +17118,8 @@ "/onpremisespublishingprofiles/applicationproxy/connectorgroups/{id}/applications": "least=DelegatedWork", "/onpremisespublishingprofiles/applicationproxy/connectors": "least=DelegatedWork", "/onpremisespublishingprofiles/applicationproxy/connectors/{id}": "least=DelegatedWork", - "/serviceprincipals": "" + "/serviceprincipals": "", + "/users/{id}/licenseDetails/getTeamsLicensingDetails": "" } }, { @@ -32275,15 +32286,15 @@ }, { "schemeKeys": [ - "DelegatedWork" + "DelegatedWork", + "Application" ], "methods": [ "GET" ], "paths": { - "/organization/{id}/settings/contactinsights": "least=DelegatedWork", - "/organization/{id}/settings/microsoftapplicationdataaccess": "least=DelegatedWork", - "/organization/{id}/settings/pronouns": "least=DelegatedWork" + "/organization/{id}/settings/contactinsights": "least=DelegatedWork,Application", + "/organization/{id}/settings/microsoftapplicationdataaccess": "least=DelegatedWork,Application" } } ], @@ -32416,16 +32427,16 @@ }, { "schemeKeys": [ - "DelegatedWork" + "DelegatedWork", + "Application" ], "methods": [ "GET", "PATCH" ], "paths": { - "/organization/{id}/settings/contactinsights": "least=DelegatedWork", - "/organization/{id}/settings/microsoftapplicationdataaccess": "least=DelegatedWork", - "/organization/{id}/settings/pronouns": "least=DelegatedWork" + "/organization/{id}/settings/contactinsights": "least=DelegatedWork,Application", + "/organization/{id}/settings/microsoftapplicationdataaccess": "least=DelegatedWork,Application" } }, { @@ -33855,15 +33866,23 @@ "/policies/crosstenantaccesspolicy": "least=DelegatedWork,Application", "/policies/crosstenantaccesspolicy/default": "least=DelegatedWork,Application", "/policies/crosstenantaccesspolicy/default/m365Capabilities": "least=DelegatedWork,Application", - "/policies/crosstenantaccesspolicy/default/m365Capabilities/calendarAvailabilityBasic": "least=DelegatedWork,Application", - "/policies/crosstenantaccesspolicy/default/m365Capabilities/calendarAvailabilityLimitedDetails": "least=DelegatedWork,Application", + "/policies/crosstenantaccesspolicy/default/m365Capabilities/crossTenantCalendarAvailabilityBasic": "least=DelegatedWork,Application", + "/policies/crosstenantaccesspolicy/default/m365Capabilities/crossTenantCalendarAvailabilityLimitedDetails": "least=DelegatedWork,Application", + "/policies/crosstenantaccesspolicy/default/m365Capabilities/crossTenantCalendarSharingFreeBusyDetail": "least=DelegatedWork,Application", + "/policies/crosstenantaccesspolicy/default/m365Capabilities/crossTenantCalendarSharingFreeBusyReviewer": "least=DelegatedWork,Application", + "/policies/crosstenantaccesspolicy/default/m365Capabilities/crossTenantCalendarSharingFreeBusySimple": "least=DelegatedWork,Application", + "/policies/crosstenantaccesspolicy/default/m365Capabilities/crossTenantMailTips": "least=DelegatedWork,Application", "/policies/crosstenantaccesspolicy/default/m365Capabilities/crossTenantOpenProfileCard": "least=DelegatedWork,Application", "/policies/crosstenantaccesspolicy/partners": "least=DelegatedWork,Application", "/policies/crosstenantaccesspolicy/partners/{id}": "least=DelegatedWork,Application", "/policies/crosstenantaccesspolicy/partners/{id}/identitysynchronization": "least=DelegatedWork,Application", "/policies/crosstenantaccesspolicy/partners/{id}/m365Capabilities": "least=DelegatedWork,Application", - "/policies/crosstenantaccesspolicy/partners/{id}/m365Capabilities/calendarAvailabilityBasic": "least=DelegatedWork,Application", - "/policies/crosstenantaccesspolicy/partners/{id}/m365Capabilities/calendarAvailabilityLimitedDetails": "least=DelegatedWork,Application", + "/policies/crosstenantaccesspolicy/partners/{id}/m365Capabilities/crossTenantCalendarAvailabilityBasic": "least=DelegatedWork,Application", + "/policies/crosstenantaccesspolicy/partners/{id}/m365Capabilities/crossTenantCalendarAvailabilityLimitedDetails": "least=DelegatedWork,Application", + "/policies/crosstenantaccesspolicy/partners/{id}/m365Capabilities/crossTenantCalendarSharingFreeBusyDetail": "least=DelegatedWork,Application", + "/policies/crosstenantaccesspolicy/partners/{id}/m365Capabilities/crossTenantCalendarSharingFreeBusyReviewer": "least=DelegatedWork,Application", + "/policies/crosstenantaccesspolicy/partners/{id}/m365Capabilities/crossTenantCalendarSharingFreeBusySimple": "least=DelegatedWork,Application", + "/policies/crosstenantaccesspolicy/partners/{id}/m365Capabilities/crossTenantMailTips": "least=DelegatedWork,Application", "/policies/crosstenantaccesspolicy/partners/{id}/m365Capabilities/crossTenantMigration": "least=DelegatedWork,Application", "/policies/crosstenantaccesspolicy/partners/{id}/m365Capabilities/crossTenantOpenProfileCard": "least=DelegatedWork,Application", "/policies/defaultappmanagementpolicy": "least=DelegatedWork,Application", @@ -35369,8 +35388,12 @@ "PATCH" ], "paths": { - "/policies/crosstenantaccesspolicy/default/m365Capabilities/calendarAvailabilityBasic": "least=DelegatedWork,Application", - "/policies/crosstenantaccesspolicy/default/m365Capabilities/calendarAvailabilityLimitedDetails": "least=DelegatedWork,Application", + "/policies/crosstenantaccesspolicy/default/m365Capabilities/crossTenantCalendarAvailabilityBasic": "least=DelegatedWork,Application", + "/policies/crosstenantaccesspolicy/default/m365Capabilities/crossTenantCalendarAvailabilityLimitedDetails": "least=DelegatedWork,Application", + "/policies/crosstenantaccesspolicy/default/m365Capabilities/crossTenantCalendarSharingFreeBusyDetail": "least=DelegatedWork,Application", + "/policies/crosstenantaccesspolicy/default/m365Capabilities/crossTenantCalendarSharingFreeBusyReviewer": "least=DelegatedWork,Application", + "/policies/crosstenantaccesspolicy/default/m365Capabilities/crossTenantCalendarSharingFreeBusySimple": "least=DelegatedWork,Application", + "/policies/crosstenantaccesspolicy/default/m365Capabilities/crossTenantMailTips": "least=DelegatedWork,Application", "/policies/crosstenantaccesspolicy/default/m365Capabilities/crossTenantOpenProfileCard": "least=DelegatedWork,Application" } }, @@ -35385,8 +35408,12 @@ "PATCH" ], "paths": { - "/policies/crosstenantaccesspolicy/partners/{id}/m365Capabilities/calendarAvailabilityBasic": "least=DelegatedWork,Application", - "/policies/crosstenantaccesspolicy/partners/{id}/m365Capabilities/calendarAvailabilityLimitedDetails": "least=DelegatedWork,Application", + "/policies/crosstenantaccesspolicy/partners/{id}/m365Capabilities/crossTenantCalendarAvailabilityBasic": "least=DelegatedWork,Application", + "/policies/crosstenantaccesspolicy/partners/{id}/m365Capabilities/crossTenantCalendarAvailabilityLimitedDetails": "least=DelegatedWork,Application", + "/policies/crosstenantaccesspolicy/partners/{id}/m365Capabilities/crossTenantCalendarSharingFreeBusyDetail": "least=DelegatedWork,Application", + "/policies/crosstenantaccesspolicy/partners/{id}/m365Capabilities/crossTenantCalendarSharingFreeBusyReviewer": "least=DelegatedWork,Application", + "/policies/crosstenantaccesspolicy/partners/{id}/m365Capabilities/crossTenantCalendarSharingFreeBusySimple": "least=DelegatedWork,Application", + "/policies/crosstenantaccesspolicy/partners/{id}/m365Capabilities/crossTenantMailTips": "least=DelegatedWork,Application", "/policies/crosstenantaccesspolicy/partners/{id}/m365Capabilities/crossTenantMigration": "least=DelegatedWork,Application", "/policies/crosstenantaccesspolicy/partners/{id}/m365Capabilities/crossTenantOpenProfileCard": "least=DelegatedWork,Application" } @@ -37378,6 +37405,14 @@ "PrivilegedAccess.Read.AzureADGroup": { "authorizationType": "oAuth2", "schemes": { + "DelegatedWork": { + "adminDisplayName": "Read privileged access to Azure AD groups", + "adminDescription": "Allows the app to read time-based assignment and just-in-time elevation (including scheduled elevation) of Azure AD groups in your organization, without a signed-in user.", + "userDisplayName": "Read privileged access to Azure AD groups", + "userDescription": "Allows the app to read time-based assignment and just in time elevation (including scheduled elevation) of Azure AD groups in your organization, on your behalf.", + "requiresAdminConsent": true, + "privilegeLevel": 4 + }, "Application": { "adminDisplayName": "Read privileged access to Azure AD groups", "adminDescription": "Allows the app to read time-based assignment and just-in-time elevation (including scheduled elevation) of Azure AD groups in your organization, without a signed-in user.", @@ -37397,6 +37432,19 @@ "/privilegedaccess/azureresources/resources/{id}/roleassignmentrequests": "", "/privilegedaccess/azureresources/roleassignmentrequests": "" } + }, + { + "schemeKeys": [ + "DelegatedWork", + "Application" + ], + "methods": [ + "GET" + ], + "paths": { + "/identityGovernance/privilegedAccess/group/resources": "least=DelegatedWork,Application", + "/identityGovernance/privilegedAccess/group/resources/{id}": "least=DelegatedWork,Application" + } } ], "ownerInfo": { @@ -37520,6 +37568,12 @@ "userDescription": "Allows the app to request and manage time-based assignment and just-in-time elevation (including scheduled elevation) of Azure AD groups, on your behalf.", "requiresAdminConsent": true, "privilegeLevel": 4 + }, + "Application": { + "adminDisplayName": "Read and write privileged access to Azure AD groups", + "adminDescription": "Allows the app to request and manage time-based assignment and just-in-time elevation (including scheduled elevation) of Azure AD groups, on behalf of the signed-in user.", + "requiresAdminConsent": true, + "privilegeLevel": 4 } }, "pathSets": [ @@ -37545,6 +37599,19 @@ "paths": { "/privilegedaccess/azureresources/roleassignmentrequests/{id}/cancel": "" } + }, + { + "schemeKeys": [ + "DelegatedWork", + "Application" + ], + "methods": [ + "GET" + ], + "paths": { + "/identityGovernance/privilegedAccess/group/resources": "", + "/identityGovernance/privilegedAccess/group/resources/{id}": "" + } } ], "ownerInfo": { @@ -41312,6 +41379,78 @@ "ownerSecurityGroup": "tri-msgraph" } }, + "SecurityIdentitiesAutoConfig.Read.All": { + "authorizationType": "oAuth2", + "schemes": { + "DelegatedWork": { + "adminDisplayName": "Read sensors window auditing configuration", + "adminDescription": "Allows the app to read the sensors window auditing configuration of the signed in user", + "userDisplayName": "Read sensors window auditing configuration", + "userDescription": "Allows the app to read the sensors window auditing configuration on your behalf", + "requiresAdminConsent": true, + "privilegeLevel": 3 + }, + "Application": { + "adminDisplayName": "Read sensors window auditing configuration", + "adminDescription": "Allows the app to read sensors window auditing configuration without a signed-in user", + "requiresAdminConsent": true, + "privilegeLevel": 4 + } + }, + "pathSets": [ + { + "schemeKeys": [ + "DelegatedWork", + "Application" + ], + "methods": [ + "GET" + ], + "paths": { + "/security/identities/settings/autoAuditingConfiguration": "least=DelegatedWork,Application" + } + } + ], + "ownerInfo": { + "ownerSecurityGroup": "tri-msgraph" + } + }, + "SecurityIdentitiesAutoConfig.ReadWrite.All": { + "authorizationType": "oAuth2", + "schemes": { + "DelegatedWork": { + "adminDisplayName": "Read and write sensors window auditing configuration", + "adminDescription": "Allows the app to read and write the sensors window auditing configuration of the signed in user", + "userDisplayName": "Read and write window auditing configuration", + "userDescription": "Allows the app to read and write the sensors window auditing configuration on your behalf", + "requiresAdminConsent": true, + "privilegeLevel": 3 + }, + "Application": { + "adminDisplayName": "Read and write sensors window auditing configuration", + "adminDescription": "Allows the app to read and write sensors window auditing configuration without a signed-in user", + "requiresAdminConsent": true, + "privilegeLevel": 4 + } + }, + "pathSets": [ + { + "schemeKeys": [ + "DelegatedWork", + "Application" + ], + "methods": [ + "POST" + ], + "paths": { + "/security/identities/settings/autoAuditingConfiguration": "least=DelegatedWork,Application" + } + } + ], + "ownerInfo": { + "ownerSecurityGroup": "tri-msgraph" + } + }, "SecurityIdentitiesHealth.Read.All": { "authorizationType": "oAuth2", "schemes": { @@ -42272,9 +42411,9 @@ "/solutions/sharepoint/migrations/crossOrganizationGroupMappings(sourceGroupObjectId={sourceGroupObjectId})": "least=DelegatedWork,Application", "/solutions/sharepoint/migrations/crossOrganizationmigrationtasks": "least=DelegatedWork,Application", "/solutions/sharepoint/migrations/crossOrganizationmigrationtasks/{id}": "least=DelegatedWork,Application", - "/solutions/sharepoint/migrations/crossOrganizationmigrationtasks/getMigrationTaskBySourceMailNickname(sourcemailnickname={sourcemailnickname},targethosturl={targethosturl})": "least=DelegatedWork,Application", - "/solutions/sharepoint/migrations/crossOrganizationmigrationtasks/getMigrationTaskBySourceSiteUrl(sourcesiteurl={sourcesiteurl},targethosturl={targethosturl})": "least=DelegatedWork,Application", - "/solutions/sharepoint/migrations/crossOrganizationmigrationtasks/getMigrationTaskBySourceUserPrincipalName(sourceprincipalname={sourceprincipalname},targethosturl={targethosturl})": "least=DelegatedWork,Application", + "/solutions/sharepoint/migrations/crossOrganizationmigrationtasks/getbysourcegroupmailnickname(sourcemailnickname={sourcemailnickname})": "least=DelegatedWork,Application", + "/solutions/sharepoint/migrations/crossOrganizationmigrationtasks/getbysourcesiteurl(sourcesiteurl={sourcesiteurl})": "least=DelegatedWork,Application", + "/solutions/sharepoint/migrations/crossOrganizationmigrationtasks/getbysourceuserprincipalname(sourceprincipalname={sourceprincipalname})": "least=DelegatedWork,Application", "/solutions/sharepoint/migrations/crossOrganizationUserMappings(sourceUserPrincipalName={sourceUserPrincipalName})": "least=DelegatedWork,Application" } } @@ -42829,6 +42968,18 @@ "/copilot/sharepoint/grounding/fetchResources": "", "/drives/{id}/items/{id}/checkAccess": "" } + }, + { + "schemeKeys": [ + "DelegatedWork", + "Application" + ], + "methods": [ + "GET" + ], + "paths": { + "/sites/getOperationStatus(operationId='{id}')": "" + } } ], "ownerInfo": { @@ -44665,7 +44816,7 @@ "GET" ], "paths": { - "/applications/{id}/synchronization/templates": "", + "/applications/{id}/synchronization/templates": "least=DelegatedWork", "/applications/{id}/synchronization/templates/{id}/schema/filteroperators": "least=DelegatedWork", "/applications/{id}/synchronization/templates/{id}/schema/functions": "least=DelegatedWork", "/reports/reconciliations/provisioning": "", @@ -44674,9 +44825,9 @@ "/reports/reconciliations/provisioning/{id}/identities/{id}": "", "/serviceprincipals/{id}/synchronization/jobs/{id}/schema/filteroperators": "least=DelegatedWork", "/serviceprincipals/{id}/synchronization/jobs/{id}/schema/functions": "least=DelegatedWork", - "/serviceprincipals/{id}/synchronization/templates": "", - "/serviceprincipals/{id}/synchronization/templates/{id}": "", - "/serviceprincipals/{id}/synchronization/templates/{id}/schema": "", + "/serviceprincipals/{id}/synchronization/templates": "least=DelegatedWork", + "/serviceprincipals/{id}/synchronization/templates/{id}": "least=DelegatedWork", + "/serviceprincipals/{id}/synchronization/templates/{id}/schema": "least=DelegatedWork", "/serviceprincipals/{id}/synchronization/templates/{id}/schema/filteroperators": "least=DelegatedWork", "/serviceprincipals/{id}/synchronization/templates/{id}/schema/functions": "least=DelegatedWork" } @@ -44746,6 +44897,18 @@ "paths": { "/serviceprincipals/{id}/synchronization/secrets": "least=DelegatedWork" } + }, + { + "schemeKeys": [ + "DelegatedWork", + "Application" + ], + "methods": [ + "PATCH" + ], + "paths": { + "/serviceprincipals/{id}/synchronization/jobs/{id}": "least=DelegatedWork,Application" + } } ], "ownerInfo": { @@ -44870,6 +45033,7 @@ "/planner/plans/{id}/buckets/delta": "least=DelegatedWork", "/planner/plans/{id}/dependencies": "least=DelegatedWork", "/planner/plans/{id}/details": "least=DelegatedWork", + "/planner/plans/{id}/getUsageRights": "least=DelegatedWork", "/planner/plans/{id}/goals": "least=DelegatedWork", "/planner/plans/{id}/tasks": "least=DelegatedWork", "/planner/rosters/{id}": "least=DelegatedWork", @@ -51886,7 +52050,6 @@ ], "paths": { "/users/{id}/deleteddatetime": "least=Application", - "/users/{id}/licenseDetails/getTeamsLicensingDetails": "least=Application", "/users/{id}/memberof/{id}": "least=Application", "/users/{id}/outlook/supportedlanguages": "least=Application", "/users/{id}/outlook/supportedtimezones": "least=Application", @@ -53802,20 +53965,52 @@ "ownerSecurityGroup": "mfateam" } }, - "UserAuthMethod-Passkey.Read.All": { + "UserAuthMethod-Email.Read": { "authorizationType": "oAuth2", "schemes": { "DelegatedWork": { - "adminDisplayName": "Read all users' passkey authentication methods", - "adminDescription": "Allows the app to read passkey authentication methods of all users in your organization that the signed-in user has access to. This does not allow the app to see secret information like passwords, or to sign-in or otherwise use the authentication methods.", - "userDisplayName": "Read all users' passkey authentication methods", - "userDescription": "Allows the app to read passkey authentication methods of all users you have access to in your organization. This does not allow the app to see secret information like passwords, or to sign-in or otherwise use the authentication methods.", + "adminDisplayName": "Read the signed-in user's email authentication methods", + "adminDescription": "Allows the app to read the signed-in user's email authentication methods. This does not allow the app to see secret information like passwords, or to sign-in or otherwise use the authentication methods.", + "userDisplayName": "Read your email authentication methods", + "userDescription": "Allows the app to read your email authentication methods. This does not allow the app to see secret information like passwords, or to sign-in or otherwise use the authentication methods.", + "requiresAdminConsent": true, + "privilegeLevel": 2 + } + }, + "pathSets": [ + { + "schemeKeys": [ + "DelegatedWork" + ], + "methods": [ + "GET" + ], + "paths": { + "/me/authentication/emailmethods": "least=DelegatedWork", + "/me/authentication/emailmethods/{id}": "least=DelegatedWork", + "/users/{id}/authentication/emailmethods": "least=DelegatedWork", + "/users/{id}/authentication/emailmethods/{id}": "least=DelegatedWork" + } + } + ], + "ownerInfo": { + "ownerSecurityGroup": "mfateam" + } + }, + "UserAuthMethod-Email.Read.All": { + "authorizationType": "oAuth2", + "schemes": { + "DelegatedWork": { + "adminDisplayName": "Read all users' email methods", + "adminDescription": "Allows the app to read email methods of all users in your organization that the signed-in user has access to. This does not allow the app to see secret information like passwords, or to sign-in or otherwise use the authentication methods.", + "userDisplayName": "Read all users' email methods", + "userDescription": "Allows the app to read email methods of all users you have access to in your organization. This does not allow the app to see secret information like passwords, or to sign-in or otherwise use the authentication methods.", "requiresAdminConsent": true, "privilegeLevel": 3 }, "Application": { - "adminDisplayName": "Read all users' passkey authentication methods", - "adminDescription": "Allows the app to read passkey authentication methods of all users in your organization, without a signed-in user. This does not allow the app to see secret information like passwords, or to sign-in or otherwise use the authentication methods.", + "adminDisplayName": "Read all users' email methods", + "adminDescription": "Allows the app to read email methods of all users in your organization, without a signed-in user. This does not allow the app to see secret information like passwords, or to sign-in or otherwise use the authentication methods.", "requiresAdminConsent": true, "privilegeLevel": 4 } @@ -53829,9 +54024,8 @@ "GET" ], "paths": { - "/me/authentication/fido2methods": "", - "/me/authentication/fido2methods/{id}": "", - "/me/authentication/fido2methods/creationOptions": "least=DelegatedWork" + "/me/authentication/emailmethods": "", + "/me/authentication/emailmethods/{id}": "" } }, { @@ -53843,9 +54037,8 @@ "GET" ], "paths": { - "/users/{id}/authentication/fido2methods": "least=Application", - "/users/{id}/authentication/fido2methods/{id}": "least=Application", - "/users/{id}/authentication/fido2methods/creationOptions": "least=DelegatedWork,Application" + "/users/{id}/authentication/emailmethods": "least=Application", + "/users/{id}/authentication/emailmethods/{id}": "least=Application" } } ], @@ -53853,20 +54046,20 @@ "ownerSecurityGroup": "mfateam" } }, - "UserAuthMethod-Passkey.ReadWrite.All": { + "UserAuthMethod-Email.ReadWrite.All": { "authorizationType": "oAuth2", "schemes": { "DelegatedWork": { - "adminDisplayName": "Read and write all users' passkey methods.", - "adminDescription": "Allows the app to read and write passkey authentication methods of all users in your organization that the signed-in user has access to. This does not allow the app to see secret information like passwords, or to sign-in or otherwise use the authentication methods.", - "userDisplayName": "Read and write all users' passkey authentication methods", - "userDescription": "Allows the app to read and write passkey authentication methods of all users you have access to in your organization. This does not allow the app to see secret information like passwords, or to sign-in or otherwise use the authentication methods.", + "adminDisplayName": "Read and write all users' email methods.", + "adminDescription": "Allows the app to read and write email methods of all users in your organization that the signed-in user has access to. This does not allow the app to see secret information like passwords, or to sign-in or otherwise use the authentication methods.", + "userDisplayName": "Read and write all users' email methods", + "userDescription": "Allows the app to read and write email methods of all users you have access to in your organization. This does not allow the app to see secret information like passwords, or to sign-in or otherwise use the authentication methods.", "requiresAdminConsent": true, "privilegeLevel": 4 }, "Application": { - "adminDisplayName": "Read and write all users' passkey authentication methods", - "adminDescription": "Allows the application to read and write passkey authentication methods of all users in your organization, without a signed-in user. This does not allow the app to see secret information like passwords, or to sign-in or otherwise use the authentication methods.", + "adminDisplayName": "Read and write all users' email methods", + "adminDescription": "Allows the application to read and write email methods of all users in your organization, without a signed-in user. This does not allow the app to see secret information like passwords, or to sign-in or otherwise use the authentication methods.", "requiresAdminConsent": true, "privilegeLevel": 4 } @@ -53880,9 +54073,8 @@ "GET" ], "paths": { - "/me/authentication/fido2methods": "", - "/me/authentication/fido2methods/{id}": "", - "/me/authentication/fido2methods/creationOptions": "" + "/me/authentication/emailmethods": "", + "/me/authentication/emailmethods/{id}": "" } }, { @@ -53893,8 +54085,7 @@ "POST" ], "paths": { - "/me/authentication/fido2methods": "least=DelegatedWork", - "/me/authentication/fido2methods/creationOptions": "least=DelegatedWork" + "/me/authentication/emailmethods": "" } }, { @@ -53906,7 +54097,7 @@ "PATCH" ], "paths": { - "/me/authentication/fido2methods/{id}": "least=DelegatedWork" + "/me/authentication/emailmethods/{id}": "" } }, { @@ -53918,9 +54109,8 @@ "GET" ], "paths": { - "/users/{id}/authentication/fido2Methods": "", - "/users/{id}/authentication/fido2methods/{id}": "", - "/users/{id}/authentication/fido2Methods/creationOptions": "" + "/users/{id}/authentication/emailmethods": "", + "/users/{id}/authentication/emailmethods/{id}": "" } }, { @@ -53932,8 +54122,7 @@ "POST" ], "paths": { - "/users/{id}/authentication/fido2Methods": "least=DelegatedWork,Application", - "/users/{id}/authentication/fido2Methods/creationOptions": "least=DelegatedWork,Application" + "/users/{id}/authentication/emailmethods": "least=DelegatedWork,Application" } }, { @@ -53946,7 +54135,7 @@ "PATCH" ], "paths": { - "/users/{id}/authentication/fido2methods/{id}": "least=DelegatedWork,Application" + "/users/{id}/authentication/emailmethods/{id}": "least=DelegatedWork,Application" } } ], @@ -53954,51 +54143,50 @@ "ownerSecurityGroup": "mfateam" } }, - "UserCloudClipboard.Read": { + "UserAuthMethod-External.Read": { "authorizationType": "oAuth2", "schemes": { "DelegatedWork": { - "adminDisplayName": "Read cloud clipboard items", - "adminDescription": "Allows the app to read cloud clipboard data on behalf of the signed-in user.", - "userDisplayName": "Read cloud clipboard items", - "userDescription": "Allows the app to read your cloud clipboard items.", - "requiresAdminConsent": false - }, - "DelegatedPersonal": { - "adminDisplayName": "Read cloud clipboard items", - "adminDescription": "Allows the app to read cloud clipboard data on behalf of the signed-in user.", - "userDisplayName": "Read cloud clipboard items", - "userDescription": "Allows the app to read your cloud clipboard items.", - "requiresAdminConsent": false + "adminDisplayName": "Read the signed-in user's external authentication methods", + "adminDescription": "Allows the app to read the signed-in user's external authentication methods. This does not allow the app to see secret information like passwords, or to sign-in or otherwise use the authentication methods.", + "userDisplayName": "Read your external authentication methods", + "userDescription": "Allows the app to read your external authentication methods. This does not allow the app to see secret information like passwords, or to sign-in or otherwise use the authentication methods.", + "requiresAdminConsent": true, + "privilegeLevel": 2 } }, "pathSets": [ { "schemeKeys": [ - "DelegatedWork", - "DelegatedPersonal" + "DelegatedWork" ], "methods": [ "GET" ], "paths": { - "/me/cloudClipboard/items": "least=DelegatedWork,DelegatedPersonal", - "/me/cloudClipboard/items/{id}": "least=DelegatedWork,DelegatedPersonal", - "/users/{id}/cloudClipboard/items": "least=DelegatedWork,DelegatedPersonal", - "/users/{id}/cloudClipboard/items/{id}": "least=DelegatedWork,DelegatedPersonal" + "/users/{id}/authentication/externalauthenticationmethods": "least=DelegatedWork", + "/users/{id}/authentication/externalauthenticationmethods/{id}": "least=DelegatedWork" } } ], "ownerInfo": { - "ownerSecurityGroup": "afsdev" + "ownerSecurityGroup": "mfateam" } }, - "UserShiftPreferences.Read.All": { + "UserAuthMethod-External.Read.All": { "authorizationType": "oAuth2", "schemes": { + "DelegatedWork": { + "adminDisplayName": "Read all users' external authentication methods", + "adminDescription": "Allows the app to read external authentication methods of all users in your organization that the signed-in user has access to. This does not allow the app to see secret information like passwords, or to sign-in or otherwise use the authentication methods.", + "userDisplayName": "Read all users' external authentication methods", + "userDescription": "Allows the app to read external authentication methods of all users you have access to in your organization. This does not allow the app to see secret information like passwords, or to sign-in or otherwise use the authentication methods.", + "requiresAdminConsent": true, + "privilegeLevel": 3 + }, "Application": { - "adminDisplayName": "Read all user shift preferences", - "adminDescription": "Allows the app to read all users' shift schedule preferences without a signed-in user.", + "adminDisplayName": "Read all users' external authentication methods", + "adminDescription": "Allows the app to read external authentication methods of all users in your organization, without a signed-in user. This does not allow the app to see secret information like passwords, or to sign-in or otherwise use the authentication methods.", "requiresAdminConsent": true, "privilegeLevel": 4 } @@ -54006,24 +54194,36 @@ "pathSets": [ { "schemeKeys": [ + "DelegatedWork", "Application" ], "methods": [ "GET" ], "paths": { - "/users/{id}/settings/shiftpreferences": "least=Application" + "/users/{id}/authentication/externalauthenticationmethods": "least=Application", + "/users/{id}/authentication/externalauthenticationmethods/{id}": "least=Application" } } ], - "ownerInfo": {} + "ownerInfo": { + "ownerSecurityGroup": "mfateam" + } }, - "UserShiftPreferences.ReadWrite.All": { + "UserAuthMethod-External.ReadWrite.All": { "authorizationType": "oAuth2", "schemes": { + "DelegatedWork": { + "adminDisplayName": "Read and write all users' external methods.", + "adminDescription": "Allows the app to read and write external authentication methods of all users in your organization that the signed-in user has access to. This does not allow the app to see secret information like passwords, or to sign-in or otherwise use the authentication methods.", + "userDisplayName": "Read and write all users' external authentication methods", + "userDescription": "Allows the app to read and write external authentication methods of all users you have access to in your organization. This does not allow the app to see secret information like passwords, or to sign-in or otherwise use the authentication methods.", + "requiresAdminConsent": true, + "privilegeLevel": 4 + }, "Application": { - "adminDisplayName": "Read and write all user shift preferences", - "adminDescription": "Allows the app to manage all users' shift schedule preferences without a signed-in user.", + "adminDisplayName": "Read and write all users' external authentication methods", + "adminDescription": "Allows the application to read and write external authentication methods of all users in your organization, without a signed-in user. This does not allow the app to see secret information like passwords, or to sign-in or otherwise use the authentication methods.", "requiresAdminConsent": true, "privilegeLevel": 4 } @@ -54031,27 +54231,54 @@ "pathSets": [ { "schemeKeys": [ + "DelegatedWork", "Application" ], "methods": [ - "GET", - "PATCH" + "GET" ], "paths": { - "/users/{id}/settings/shiftpreferences": "least=Application" + "/users/{id}/authentication/externalauthenticationmethods": "", + "/users/{id}/authentication/externalauthenticationmethods/{id}": "" + } + }, + { + "schemeKeys": [ + "DelegatedWork", + "Application" + ], + "methods": [ + "POST" + ], + "paths": { + "/users/{id}/authentication/externalauthenticationmethods": "least=DelegatedWork,Application" + } + }, + { + "schemeKeys": [ + "DelegatedWork", + "Application" + ], + "methods": [ + "DELETE" + ], + "paths": { + "/users/{id}/authentication/externalauthenticationmethods/{id}": "least=DelegatedWork,Application" } } ], - "ownerInfo": {} + "ownerInfo": { + "ownerSecurityGroup": "mfateam" + } }, - "UserTeamwork.Read": { + "UserAuthMethod-HardwareOATH.Read": { "authorizationType": "oAuth2", "schemes": { "DelegatedWork": { - "adminDisplayName": "Read user teamwork settings", - "adminDescription": "Allows the app to read the teamwork settings of the signed-in user.", - "userDisplayName": "Read your teamwork settings.", - "userDescription": "Allows the app to read your teamwork settings, on your behalf.", + "adminDisplayName": "Read the signed-in user's HardwareOATH authentication methods", + "adminDescription": "Allows the app to read the signed-in user's HardwareOATH authentication methods. This does not allow the app to see secret information like passwords, or to sign-in or otherwise use the authentication methods.", + "userDisplayName": "Read your HardwareOATH authentication methods", + "userDescription": "Allows the app to read your HardwareOATH authentication methods. This does not allow the app to see secret information like passwords, or to sign-in or otherwise use the authentication methods.", "requiresAdminConsent": true, "privilegeLevel": 2 } @@ -54065,20 +54292,31 @@ "GET" ], "paths": { - "/users/{id}/teamwork": "least=DelegatedWork" + "/me/authentication/hardwareOathMethods": "least=DelegatedWork", + "/me/authentication/hardwareOathMethods/{id}": "least=DelegatedWork", + "/users/{id}/authentication/hardwareOathMethods": "least=DelegatedWork", + "/users/{id}/authentication/hardwareOathMethods/{id}": "least=DelegatedWork" } } ], "ownerInfo": { - "ownerSecurityGroup": "TeamsPermissions" + "ownerSecurityGroup": "mfateam" } }, - "UserTeamwork.Read.All": { + "UserAuthMethod-HardwareOATH.Read.All": { "authorizationType": "oAuth2", "schemes": { + "DelegatedWork": { + "adminDisplayName": "Read all users' HardwareOATH authentication methods", + "adminDescription": "Allows the app to read HardwareOATH authentication methods of all users in your organization that the signed-in user has access to. This does not allow the app to see secret information like passwords, or to sign-in or otherwise use the authentication methods.", + "userDisplayName": "Read all users' HardwareOATH authentication methods", + "userDescription": "Allows the app to read HardwareOATH authentication methods of all users you have access to in your organization. This does not allow the app to see secret information like passwords, or to sign-in or otherwise use the authentication methods.", + "requiresAdminConsent": true, + "privilegeLevel": 3 + }, "Application": { - "adminDisplayName": "Read all user teamwork settings", - "adminDescription": "Allows the app to read all user teamwork settings without a signed-in user.", + "adminDisplayName": "Read all users' HardwareOATH authentication methods", + "adminDescription": "Allows the app to read HardwareOATH authentication methods of all users in your organization, without a signed-in user. This does not allow the app to see secret information like passwords, or to sign-in or otherwise use the authentication methods.", "requiresAdminConsent": true, "privilegeLevel": 4 } @@ -54086,71 +54324,209 @@ "pathSets": [ { "schemeKeys": [ + "DelegatedWork" + ], + "methods": [ + "GET" + ], + "paths": { + "/me/authentication/hardwareOathMethods": "", + "/me/authentication/hardwareOathMethods/{id}": "" + } + }, + { + "schemeKeys": [ + "DelegatedWork", "Application" ], "methods": [ "GET" ], "paths": { - "/users/{id}/teamwork": "least=Application" + "/users/{id}/authentication/hardwareOathMethods": "least=Application", + "/users/{id}/authentication/hardwareOathMethods/{id}": "least=Application" } } ], "ownerInfo": { - "ownerSecurityGroup": "TeamsPermissions" + "ownerSecurityGroup": "mfateam" } }, - "UserWindowsSettings.Read": { + "UserAuthMethod-HardwareOATH.ReadWrite": { "authorizationType": "oAuth2", "schemes": { "DelegatedWork": { - "adminDisplayName": "Read windows settings and their values stored for all devices in cloud", - "adminDescription": "Allows the app to read windows settings which are stored in cloud and their values on behalf of the signed-in user.", - "userDisplayName": "Read windows settings and their values stored for all devices in cloud", - "userDescription": "Allows the app to read your windows settings which are stored in cloud and their values.", - "requiresAdminConsent": false + "adminDisplayName": "Read and write the signed-in user's HardwareOATH authentication methods", + "adminDescription": "Allows the app to read and write the signed-in user's HardwareOATH authentication methods. This does not allow the app to see secret information like passwords, or to sign-in or otherwise use the authentication methods.", + "userDisplayName": "Read and write your HardwareOATH authentication methods", + "userDescription": "Allows the app to read and write your HardwareOATH authentication methods. This does not allow the app to see secret information like passwords, or to sign-in or otherwise use the authentication methods.", + "requiresAdminConsent": true, + "privilegeLevel": 3 + } + }, + "pathSets": [ + { + "schemeKeys": [ + "DelegatedWork" + ], + "methods": [ + "GET" + ], + "paths": { + "/me/authentication/hardwareOathMethods": "", + "/me/authentication/hardwareOathMethods/{id}": "", + "/users/{id}/authentication/hardwareOathMethods": "", + "/users/{id}/authentication/hardwareOathMethods/{id}": "" + } }, - "DelegatedPersonal": { - "adminDisplayName": "Read windows settings and their values stored for all devices in cloud", - "adminDescription": "Allows the app to read windows settings which are stored in cloud and their values on behalf of the signed-in user.", - "userDisplayName": "Read windows settings and their values stored for all devices in cloud", - "userDescription": "Allows the app to read your windows settings which are stored in cloud and their values.", - "requiresAdminConsent": false + { + "schemeKeys": [ + "DelegatedWork" + ], + "methods": [ + "POST" + ], + "paths": { + "/me/authentication/hardwareOathMethods": "least=DelegatedWork", + "/me/authentication/hardwareOathMethods/{id}/activate": "least=DelegatedWork", + "/me/authentication/hardwareOathMethods/assignAndActivate": "least=DelegatedWork", + "/me/authentication/hardwareOathMethods/assignAndActivateBySerialNumber": "least=DelegatedWork", + "/me/authentication/hardwareOathMethods/deactivate": "least=DelegatedWork", + "/users/{id}/authentication/hardwareOathMethods": "least=DelegatedWork", + "/users/{id}/authentication/hardwareOathMethods/{id}/activate": "least=DelegatedWork", + "/users/{id}/authentication/hardwareOathMethods/assignAndActivate": "least=DelegatedWork", + "/users/{id}/authentication/hardwareOathMethods/assignAndActivateBySerialNumber": "least=DelegatedWork", + "/users/{id}/authentication/hardwareOathMethods/deactivate": "least=DelegatedWork" + } + }, + { + "schemeKeys": [ + "DelegatedWork" + ], + "methods": [ + "DELETE" + ], + "paths": { + "/me/authentication/hardwareOathMethods/{id}": "least=DelegatedWork", + "/users/{id}/authentication/hardwareOathMethods/{id}": "least=DelegatedWork" + } + } + ], + "ownerInfo": { + "ownerSecurityGroup": "mfateam" + } + }, + "UserAuthMethod-HardwareOATH.ReadWrite.All": { + "authorizationType": "oAuth2", + "schemes": { + "DelegatedWork": { + "adminDisplayName": "Read and write all users' HardwareOATH methods.", + "adminDescription": "Allows the app to read and write HardwareOATH authentication methods of all users in your organization that the signed-in user has access to. This does not allow the app to see secret information like passwords, or to sign-in or otherwise use the authentication methods.", + "userDisplayName": "Read and write all users' HardwareOATH authentication methods", + "userDescription": "Allows the app to read and write HardwareOATH authentication methods of all users you have access to in your organization. This does not allow the app to see secret information like passwords, or to sign-in or otherwise use the authentication methods.", + "requiresAdminConsent": true, + "privilegeLevel": 4 + }, + "Application": { + "adminDisplayName": "Read and write all users' HardwareOATH authentication methods", + "adminDescription": "Allows the application to read and write HardwareOATH authentication methods of all users in your organization, without a signed-in user. This does not allow the app to see secret information like passwords, or to sign-in or otherwise use the authentication methods.", + "requiresAdminConsent": true, + "privilegeLevel": 4 } }, "pathSets": [ + { + "schemeKeys": [ + "DelegatedWork" + ], + "methods": [ + "GET" + ], + "paths": { + "/me/authentication/hardwareOathMethods": "", + "/me/authentication/hardwareOathMethods/{id}": "" + } + }, + { + "schemeKeys": [ + "DelegatedWork" + ], + "methods": [ + "POST" + ], + "paths": { + "/me/authentication/hardwareOathMethods": "", + "/me/authentication/hardwareOathMethods/{id}/activate": "", + "/me/authentication/hardwareOathMethods/assignAndActivate": "", + "/me/authentication/hardwareOathMethods/assignAndActivateBySerialNumber": "", + "/me/authentication/hardwareOathMethods/deactivate": "" + } + }, + { + "schemeKeys": [ + "DelegatedWork" + ], + "methods": [ + "DELETE" + ], + "paths": { + "/me/authentication/hardwareOathMethods/{id}": "" + } + }, { "schemeKeys": [ "DelegatedWork", - "DelegatedPersonal" + "Application" ], "methods": [ "GET" ], "paths": { - "/me/settings/windows": "least=DelegatedWork,DelegatedPersonal", - "/me/settings/windows/{id}": "least=DelegatedWork,DelegatedPersonal", - "/me/settings/windows/{id}/instances": "least=DelegatedWork,DelegatedPersonal", - "/me/settings/windows/{id}/instances/{id}": "least=DelegatedWork,DelegatedPersonal", - "/users/{id}/settings/windows": "least=DelegatedWork,DelegatedPersonal", - "/users/{id}/settings/windows/{id}": "least=DelegatedWork,DelegatedPersonal", - "/users/{id}/settings/windows/{id}/instances": "least=DelegatedWork,DelegatedPersonal", - "/users/{id}/settings/windows/{id}/instances/{id}": "least=DelegatedWork,DelegatedPersonal" + "/users/{id}/authentication/hardwareOathMethods": "", + "/users/{id}/authentication/hardwareOathMethods/{id}": "" + } + }, + { + "schemeKeys": [ + "DelegatedWork", + "Application" + ], + "methods": [ + "POST" + ], + "paths": { + "/users/{id}/authentication/hardwareOathMethods": "least=DelegatedWork,Application", + "/users/{id}/authentication/hardwareOathMethods/{id}/activate": "least=Application", + "/users/{id}/authentication/hardwareOathMethods/assignAndActivate": "least=Application", + "/users/{id}/authentication/hardwareOathMethods/assignAndActivateBySerialNumber": "least=Application", + "/users/{id}/authentication/hardwareOathMethods/deactivate": "least=Application" + } + }, + { + "schemeKeys": [ + "DelegatedWork", + "Application" + ], + "methods": [ + "DELETE" + ], + "paths": { + "/users/{id}/authentication/hardwareOathMethods/{id}": "least=DelegatedWork,Application" } } ], "ownerInfo": { - "ownerSecurityGroup": "afsdev" + "ownerSecurityGroup": "mfateam" } }, - "UserWindowsSettings.Read.All": { + "UserAuthMethod-MicrosoftAuthApp.Read": { "authorizationType": "oAuth2", "schemes": { "DelegatedWork": { - "adminDisplayName": "Read windows settings for all devices", - "adminDescription": "Allows the app to read a user's windows settings which are stored in cloud and their values on behalf of the signed-in user.", - "userDisplayName": "Read your windows settings for all devices", - "userDescription": "Allows the app to read your windows settings which are stored in cloud and their values.", + "adminDisplayName": "Read the signed-in user's Microsoft Authenticator authentication methods", + "adminDescription": "Allows the app to read the signed-in user's Microsoft Authenticator authentication methods. This does not allow the app to see secret information like passwords, or to sign-in or otherwise use the authentication methods.", + "userDisplayName": "Read your Microsoft Authenticator authentication methods", + "userDescription": "Allows the app to read your Microsoft Authenticator authentication methods. This does not allow the app to see secret information like passwords, or to sign-in or otherwise use the authentication methods.", "requiresAdminConsent": true, "privilegeLevel": 2 } @@ -54164,27 +54540,37 @@ "GET" ], "paths": { - "/users/{id}/settings/windows": "", - "/users/{id}/settings/windows/{id}": "", - "/users/{id}/settings/windows/{id}/instances": "", - "/users/{id}/settings/windows/{id}/instances/{id}": "" + "/me/authentication/microsoftauthenticatormethods": "least=DelegatedWork", + "/me/authentication/microsoftauthenticatormethods/{id}": "least=DelegatedWork", + "/me/authentication/passwordlessmicrosoftauthenticatormethods": "least=DelegatedWork", + "/me/authentication/passwordlessmicrosoftauthenticatormethods/{id}": "least=DelegatedWork", + "/users/{id}/authentication/microsoftauthenticatormethods": "least=DelegatedWork", + "/users/{id}/authentication/microsoftauthenticatormethods/{id}": "least=DelegatedWork", + "/users/{id}/authentication/passwordlessmicrosoftauthenticatormethods": "least=DelegatedWork", + "/users/{id}/authentication/passwordlessmicrosoftauthenticatormethods/{id}": "least=DelegatedWork" } } ], "ownerInfo": { - "ownerSecurityGroup": "afsdev" + "ownerSecurityGroup": "mfateam" } }, - "UserWindowsSettings.ReadWrite.All": { + "UserAuthMethod-MicrosoftAuthApp.Read.All": { "authorizationType": "oAuth2", "schemes": { "DelegatedWork": { - "adminDisplayName": "Read and write windows settings for all devices", - "adminDescription": "Allows the app to read and write a user's windows settings which are stored in cloud and their values on behalf of the signed-in user.", - "userDisplayName": "Read and write your windows settings for all devices", - "userDescription": "Allows the app to read and write your windows settings which are stored in cloud and their values.", + "adminDisplayName": "Read all users' Microsoft authentication methods", + "adminDescription": "Allows the app to read Microsoft authentication methods of all users in your organization that the signed-in user has access to. This does not allow the app to see secret information like passwords, or to sign-in or otherwise use the authentication methods.", + "userDisplayName": "Read all users' Microsoft authentication methods", + "userDescription": "Allows the app to read Microsoft authentication methods of all users you have access to in your organization. This does not allow the app to see secret information like passwords, or to sign-in or otherwise use the authentication methods.", "requiresAdminConsent": true, "privilegeLevel": 3 + }, + "Application": { + "adminDisplayName": "Read all users' Microsoft authentication methods", + "adminDescription": "Allows the app to read Microsoft authentication methods of all users in your organization, without a signed-in user. This does not allow the app to see secret information like passwords, or to sign-in or otherwise use the authentication methods.", + "requiresAdminConsent": true, + "privilegeLevel": 4 } }, "pathSets": [ @@ -54193,16 +54579,2229 @@ "DelegatedWork" ], "methods": [ - "DELETE", "GET" ], "paths": { - "/users/{id}/settings/windows": "least=DelegatedWork" + "/me/authentication/microsoftauthenticatormethods": "", + "/me/authentication/microsoftauthenticatormethods/{id}": "", + "/me/authentication/passwordlessmicrosoftauthenticatormethods": "", + "/me/authentication/passwordlessmicrosoftauthenticatormethods/{id}": "" + } + }, + { + "schemeKeys": [ + "DelegatedWork", + "Application" + ], + "methods": [ + "GET" + ], + "paths": { + "/users/{id}/authentication/microsoftauthenticatormethods": "least=Application", + "/users/{id}/authentication/microsoftauthenticatormethods/{id}": "least=Application", + "/users/{id}/authentication/passwordlessmicrosoftauthenticatormethods": "least=Application", + "/users/{id}/authentication/passwordlessmicrosoftauthenticatormethods/{id}": "least=Application" } } ], "ownerInfo": { - "ownerSecurityGroup": "afsdev" + "ownerSecurityGroup": "mfateam" + } + }, + "UserAuthMethod-MicrosoftAuthApp.ReadWrite": { + "authorizationType": "oAuth2", + "schemes": { + "DelegatedWork": { + "adminDisplayName": "Read and write the signed-in user's Microsoft Authenticator authentication methods", + "adminDescription": "Allows the app to read and write the signed-in user's Microsoft Authenticator authentication methods. This does not allow the app to see secret information like passwords, or to sign-in or otherwise use the authentication methods.", + "userDisplayName": "Read and write your Microsoft Authenticator authentication methods", + "userDescription": "Allows the app to read and write your Microsoft Authenticator authentication methods. This does not allow the app to see secret information like passwords, or to sign-in or otherwise use the authentication methods.", + "requiresAdminConsent": true, + "privilegeLevel": 3 + } + }, + "pathSets": [ + { + "schemeKeys": [ + "DelegatedWork" + ], + "methods": [ + "GET" + ], + "paths": { + "/me/authentication/microsoftauthenticatormethods": "", + "/me/authentication/microsoftauthenticatormethods/{id}": "", + "/me/authentication/passwordlessmicrosoftauthenticatormethods": "", + "/me/authentication/passwordlessmicrosoftauthenticatormethods/{id}": "", + "/users/{id}/authentication/microsoftauthenticatormethods": "", + "/users/{id}/authentication/microsoftauthenticatormethods/{id}": "", + "/users/{id}/authentication/passwordlessmicrosoftauthenticatormethods": "", + "/users/{id}/authentication/passwordlessmicrosoftauthenticatormethods/{id}": "" + } + }, + { + "schemeKeys": [ + "DelegatedWork" + ], + "methods": [ + "DELETE" + ], + "paths": { + "/me/authentication/microsoftauthenticatormethods/{id}": "least=DelegatedWork", + "/me/authentication/passwordlessmicrosoftauthenticatormethods/{id}": "least=DelegatedWork", + "/users/{id}/authentication/microsoftauthenticatormethods/{id}": "least=DelegatedWork", + "/users/{id}/authentication/passwordlessmicrosoftauthenticatormethods/{id}": "least=DelegatedWork" + } + } + ], + "ownerInfo": { + "ownerSecurityGroup": "mfateam" + } + }, + "UserAuthMethod-MicrosoftAuthApp.ReadWrite.All": { + "authorizationType": "oAuth2", + "schemes": { + "DelegatedWork": { + "adminDisplayName": "Read and write all users' Microsoft Authentication methods.", + "adminDescription": "Allows the app to read and write Microsoft Authentication methods of all users in your organization that the signed-in user has access to. This does not allow the app to see secret information like passwords, or to sign-in or otherwise use the authentication methods.", + "userDisplayName": "Read and write all users' Microsoft Authentication methods", + "userDescription": "Allows the app to read and write Microsoft Authentication methods of all users you have access to in your organization. This does not allow the app to see secret information like passwords, or to sign-in or otherwise use the authentication methods.", + "requiresAdminConsent": true, + "privilegeLevel": 4 + }, + "Application": { + "adminDisplayName": "Read and write all users' Microsoft Authentication methods", + "adminDescription": "Allows the application to read and write Microsoft Authentication methods of all users in your organization, without a signed-in user. This does not allow the app to see secret information like passwords, or to sign-in or otherwise use the authentication methods.", + "requiresAdminConsent": true, + "privilegeLevel": 4 + } + }, + "pathSets": [ + { + "schemeKeys": [ + "DelegatedWork" + ], + "methods": [ + "GET" + ], + "paths": { + "/me/authentication/microsoftauthenticatormethods": "", + "/me/authentication/microsoftauthenticatormethods/{id}": "", + "/me/authentication/passwordlessmicrosoftauthenticatormethods": "", + "/me/authentication/passwordlessmicrosoftauthenticatormethods/{id}": "" + } + }, + { + "schemeKeys": [ + "DelegatedWork" + ], + "methods": [ + "DELETE" + ], + "paths": { + "/me/authentication/microsoftauthenticatormethods/{id}": "", + "/me/authentication/passwordlessmicrosoftauthenticatormethods/{id}": "" + } + }, + { + "schemeKeys": [ + "DelegatedWork", + "Application" + ], + "methods": [ + "GET" + ], + "paths": { + "/users/{id}/authentication/microsoftauthenticatormethods": "", + "/users/{id}/authentication/microsoftauthenticatormethods/{id}": "", + "/users/{id}/authentication/passwordlessmicrosoftauthenticatormethods": "", + "/users/{id}/authentication/passwordlessmicrosoftauthenticatormethods/{id}": "" + } + }, + { + "schemeKeys": [ + "DelegatedWork", + "Application" + ], + "methods": [ + "DELETE" + ], + "paths": { + "/users/{id}/authentication/microsoftauthenticatormethods/{id}": "least=DelegatedWork,Application", + "/users/{id}/authentication/passwordlessmicrosoftauthenticatormethods/{id}": "least=DelegatedWork,Application" + } + } + ], + "ownerInfo": { + "ownerSecurityGroup": "mfateam" + } + }, + "UserAuthMethod-Passkey.Read": { + "authorizationType": "oAuth2", + "schemes": { + "DelegatedWork": { + "adminDisplayName": "Read the signed-in user's passkey authentication methods", + "adminDescription": "Allows the app to read the signed-in user's passkey authentication methods. This does not allow the app to see secret information like passwords, or to sign-in or otherwise use the authentication methods.", + "userDisplayName": "Read your passkey authentication methods", + "userDescription": "Allows the app to read your passkey authentication methods. This does not allow the app to see secret information like passwords, or to sign-in or otherwise use the authentication methods.", + "requiresAdminConsent": true, + "privilegeLevel": 2 + } + }, + "pathSets": [ + { + "schemeKeys": [ + "DelegatedWork" + ], + "methods": [ + "GET" + ], + "paths": { + "/me/authentication/fido2methods": "least=DelegatedWork", + "/me/authentication/fido2methods/{id}": "least=DelegatedWork", + "/users/{id}/authentication/fido2methods": "least=DelegatedWork", + "/users/{id}/authentication/fido2methods/{id}": "least=DelegatedWork" + } + } + ], + "ownerInfo": { + "ownerSecurityGroup": "mfateam" + } + }, + "UserAuthMethod-Passkey.Read.All": { + "authorizationType": "oAuth2", + "schemes": { + "DelegatedWork": { + "adminDisplayName": "Read all users' passkey authentication methods", + "adminDescription": "Allows the app to read passkey authentication methods of all users in your organization that the signed-in user has access to. This does not allow the app to see secret information like passwords, or to sign-in or otherwise use the authentication methods.", + "userDisplayName": "Read all users' passkey authentication methods", + "userDescription": "Allows the app to read passkey authentication methods of all users you have access to in your organization. This does not allow the app to see secret information like passwords, or to sign-in or otherwise use the authentication methods.", + "requiresAdminConsent": true, + "privilegeLevel": 3 + }, + "Application": { + "adminDisplayName": "Read all users' passkey authentication methods", + "adminDescription": "Allows the app to read passkey authentication methods of all users in your organization, without a signed-in user. This does not allow the app to see secret information like passwords, or to sign-in or otherwise use the authentication methods.", + "requiresAdminConsent": true, + "privilegeLevel": 4 + } + }, + "pathSets": [ + { + "schemeKeys": [ + "DelegatedWork" + ], + "methods": [ + "GET" + ], + "paths": { + "/me/authentication/fido2methods": "", + "/me/authentication/fido2methods/{id}": "", + "/me/authentication/fido2methods/creationOptions": "least=DelegatedWork" + } + }, + { + "schemeKeys": [ + "DelegatedWork", + "Application" + ], + "methods": [ + "GET" + ], + "paths": { + "/users/{id}/authentication/fido2methods": "least=Application", + "/users/{id}/authentication/fido2methods/{id}": "least=Application", + "/users/{id}/authentication/fido2methods/creationOptions": "least=DelegatedWork,Application" + } + } + ], + "ownerInfo": { + "ownerSecurityGroup": "mfateam" + } + }, + "UserAuthMethod-Passkey.ReadWrite": { + "authorizationType": "oAuth2", + "schemes": { + "DelegatedWork": { + "adminDisplayName": "Read and write the signed-in user's passkey authentication methods", + "adminDescription": "Allows the app to read and write the signed-in user's passkey authentication methods. This does not allow the app to see secret information like passwords, or to sign-in or otherwise use the authentication methods.", + "userDisplayName": "Read and write your passkey authentication methods", + "userDescription": "Allows the app to read and write your passkey authentication methods. This does not allow the app to see secret information like passwords, or to sign-in or otherwise use the authentication methods.", + "requiresAdminConsent": true, + "privilegeLevel": 3 + } + }, + "pathSets": [ + { + "schemeKeys": [ + "DelegatedWork" + ], + "methods": [ + "GET" + ], + "paths": { + "/me/authentication/fido2Methods": "", + "/me/authentication/fido2Methods/{id}": "", + "/me/authentication/fido2Methods/creationOptions": "", + "/users/{id}/authentication/fido2Methods": "", + "/users/{id}/authentication/fido2Methods/{id}": "", + "/users/{id}/authentication/fido2Methods/creationOptions": "" + } + }, + { + "schemeKeys": [ + "DelegatedWork" + ], + "methods": [ + "POST" + ], + "paths": { + "/me/authentication/fido2Methods": "least=DelegatedWork", + "/users/{id}/authentication/fido2Methods": "least=DelegatedWork" + } + }, + { + "schemeKeys": [ + "DelegatedWork" + ], + "methods": [ + "DELETE", + "PATCH" + ], + "paths": { + "/me/authentication/fido2Methods/{id}": "least=DelegatedWork", + "/users/{id}/authentication/fido2Methods/{id}": "least=DelegatedWork" + } + } + ], + "ownerInfo": { + "ownerSecurityGroup": "mfateam" + } + }, + "UserAuthMethod-Passkey.ReadWrite.All": { + "authorizationType": "oAuth2", + "schemes": { + "DelegatedWork": { + "adminDisplayName": "Read and write all users' passkey methods.", + "adminDescription": "Allows the app to read and write passkey authentication methods of all users in your organization that the signed-in user has access to. This does not allow the app to see secret information like passwords, or to sign-in or otherwise use the authentication methods.", + "userDisplayName": "Read and write all users' passkey authentication methods", + "userDescription": "Allows the app to read and write passkey authentication methods of all users you have access to in your organization. This does not allow the app to see secret information like passwords, or to sign-in or otherwise use the authentication methods.", + "requiresAdminConsent": true, + "privilegeLevel": 4 + }, + "Application": { + "adminDisplayName": "Read and write all users' passkey authentication methods", + "adminDescription": "Allows the application to read and write passkey authentication methods of all users in your organization, without a signed-in user. This does not allow the app to see secret information like passwords, or to sign-in or otherwise use the authentication methods.", + "requiresAdminConsent": true, + "privilegeLevel": 4 + } + }, + "pathSets": [ + { + "schemeKeys": [ + "DelegatedWork" + ], + "methods": [ + "GET" + ], + "paths": { + "/me/authentication/fido2methods": "", + "/me/authentication/fido2methods/{id}": "", + "/me/authentication/fido2methods/creationOptions": "" + } + }, + { + "schemeKeys": [ + "DelegatedWork" + ], + "methods": [ + "POST" + ], + "paths": { + "/me/authentication/fido2methods": "least=DelegatedWork", + "/me/authentication/fido2methods/creationOptions": "least=DelegatedWork" + } + }, + { + "schemeKeys": [ + "DelegatedWork" + ], + "methods": [ + "DELETE", + "PATCH" + ], + "paths": { + "/me/authentication/fido2methods/{id}": "least=DelegatedWork" + } + }, + { + "schemeKeys": [ + "DelegatedWork", + "Application" + ], + "methods": [ + "GET" + ], + "paths": { + "/users/{id}/authentication/fido2Methods": "", + "/users/{id}/authentication/fido2methods/{id}": "", + "/users/{id}/authentication/fido2Methods/creationOptions": "" + } + }, + { + "schemeKeys": [ + "DelegatedWork", + "Application" + ], + "methods": [ + "POST" + ], + "paths": { + "/users/{id}/authentication/fido2Methods": "least=DelegatedWork,Application", + "/users/{id}/authentication/fido2Methods/creationOptions": "least=DelegatedWork,Application" + } + }, + { + "schemeKeys": [ + "DelegatedWork", + "Application" + ], + "methods": [ + "DELETE", + "PATCH" + ], + "paths": { + "/users/{id}/authentication/fido2methods/{id}": "least=DelegatedWork,Application" + } + } + ], + "ownerInfo": { + "ownerSecurityGroup": "mfateam" + } + }, + "UserAuthMethod-Password.Read": { + "authorizationType": "oAuth2", + "schemes": { + "DelegatedWork": { + "adminDisplayName": "Read the signed-in user's password authentication methods", + "adminDescription": "Allows the app to read the signed-in user's password authentication methods. This does not allow the app to see secret information like passwords, or to sign-in or otherwise use the authentication methods.", + "userDisplayName": "Read your password authentication methods", + "userDescription": "Allows the app to read your password authentication methods. This does not allow the app to see secret information like passwords, or to sign-in or otherwise use the authentication methods.", + "requiresAdminConsent": true, + "privilegeLevel": 2 + } + }, + "pathSets": [ + { + "schemeKeys": [ + "DelegatedWork" + ], + "methods": [ + "GET" + ], + "paths": { + "/me/authentication/passwordmethods": "least=DelegatedWork", + "/me/authentication/passwordmethods/{id}": "least=DelegatedWork", + "/me/authentication/passwordmethods/{id}/isUpdateSupported": "least=DelegatedWork", + "/users/{id}/authentication/passwordmethods": "least=DelegatedWork", + "/users/{id}/authentication/passwordmethods/{id}": "least=DelegatedWork", + "/users/{id}/authentication/passwordmethods/{id}/isUpdateSupported": "least=DelegatedWork" + } + } + ], + "ownerInfo": { + "ownerSecurityGroup": "mfateam" + } + }, + "UserAuthMethod-Password.Read.All": { + "authorizationType": "oAuth2", + "schemes": { + "DelegatedWork": { + "adminDisplayName": "Read all users' password authentication methods", + "adminDescription": "Allows the app to read password authentication methods of all users in your organization that the signed-in user has access to. This does not allow the app to see secret information like passwords, or to sign-in or otherwise use the authentication methods.", + "userDisplayName": "Read all users' password authentication methods", + "userDescription": "Allows the app to read password authentication methods of all users you have access to in your organization. This does not allow the app to see secret information like passwords, or to sign-in or otherwise use the authentication methods.", + "requiresAdminConsent": true, + "privilegeLevel": 3 + }, + "Application": { + "adminDisplayName": "Read all users' password authentication methods", + "adminDescription": "Allows the app to read password authentication methods of all users in your organization, without a signed-in user. This does not allow the app to see secret information like passwords, or to sign-in or otherwise use the authentication methods.", + "requiresAdminConsent": true, + "privilegeLevel": 4 + } + }, + "pathSets": [ + { + "schemeKeys": [ + "DelegatedWork" + ], + "methods": [ + "GET" + ], + "paths": { + "/me/authentication/passwordmethods": "", + "/me/authentication/passwordmethods/{id}": "" + } + }, + { + "schemeKeys": [ + "DelegatedWork", + "Application" + ], + "methods": [ + "GET" + ], + "paths": { + "/users/{id}/authentication/passwordmethods": "least=Application", + "/users/{id}/authentication/passwordmethods/{id}": "least=Application" + } + } + ], + "ownerInfo": { + "ownerSecurityGroup": "mfateam" + } + }, + "UserAuthMethod-Password.ReadWrite": { + "authorizationType": "oAuth2", + "schemes": { + "DelegatedWork": { + "adminDisplayName": "Read and write the signed-in user's password authentication methods", + "adminDescription": "Allows the app to read and write the signed-in user's password authentication methods. This does not allow the app to see secret information like passwords, or to sign-in or otherwise use the authentication methods.", + "userDisplayName": "Read and write your password authentication methods", + "userDescription": "Allows the app to read and write your password authentication methods. This does not allow the app to see secret information like passwords, or to sign-in or otherwise use the authentication methods.", + "requiresAdminConsent": true, + "privilegeLevel": 3 + } + }, + "pathSets": [ + { + "schemeKeys": [ + "DelegatedWork" + ], + "methods": [ + "GET" + ], + "paths": { + "/me/authentication/passwordmethods": "", + "/me/authentication/passwordmethods/{id}": "", + "/me/authentication/passwordmethods/{id}/isUpdateSupported": "", + "/users/{id}/authentication/passwordmethods": "", + "/users/{id}/authentication/passwordmethods/{id}": "", + "/users/{id}/authentication/passwordmethods/{id}/isUpdateSupported": "" + } + } + ], + "ownerInfo": { + "ownerSecurityGroup": "mfateam" + } + }, + "UserAuthMethod-Password.ReadWrite.All": { + "authorizationType": "oAuth2", + "schemes": { + "DelegatedWork": { + "adminDisplayName": "Read and write all users' password methods.", + "adminDescription": "Allows the app to read and write password authentication methods of all users in your organization that the signed-in user has access to. This does not allow the app to see secret information like passwords, or to sign-in or otherwise use the authentication methods.", + "userDisplayName": "Read and write all users' password authentication methods", + "userDescription": "Allows the app to read and write password authentication methods of all users you have access to in your organization. This does not allow the app to see secret information like passwords, or to sign-in or otherwise use the authentication methods.", + "requiresAdminConsent": true, + "privilegeLevel": 4 + }, + "Application": { + "adminDisplayName": "Read and write all users' password authentication methods", + "adminDescription": "Allows the application to read and write password authentication methods of all users in your organization, without a signed-in user. This does not allow the app to see secret information like passwords, or to sign-in or otherwise use the authentication methods.", + "requiresAdminConsent": true, + "privilegeLevel": 4 + } + }, + "pathSets": [ + { + "schemeKeys": [ + "DelegatedWork" + ], + "methods": [ + "GET" + ], + "paths": { + "/me/authentication/passwordmethods": "", + "/me/authentication/passwordmethods/{id}": "" + } + }, + { + "schemeKeys": [ + "DelegatedWork", + "Application" + ], + "methods": [ + "GET" + ], + "paths": { + "/users/{id}/authentication/passwordmethods": "", + "/users/{id}/authentication/passwordmethods/{id}": "" + } + }, + { + "schemeKeys": [ + "DelegatedWork" + ], + "methods": [ + "POST" + ], + "paths": { + "/users/{id}/authentication/passwordmethods/{id}/changepassword": "least=DelegatedWork", + "/users/{id}/authentication/passwordmethods/{id}/resetpassword": "least=DelegatedWork" + } + } + ], + "ownerInfo": { + "ownerSecurityGroup": "mfateam" + } + }, + "UserAuthMethod-Phone.Read": { + "authorizationType": "oAuth2", + "schemes": { + "DelegatedWork": { + "adminDisplayName": "Read the signed-in user's phone authentication methods", + "adminDescription": "Allows the app to read the signed-in user's phone authentication methods. This does not allow the app to see secret information like passwords, or to sign-in or otherwise use the authentication methods.", + "userDisplayName": "Read your phone authentication methods", + "userDescription": "Allows the app to read your phone authentication methods. This does not allow the app to see secret information like passwords, or to sign-in or otherwise use the authentication methods.", + "requiresAdminConsent": true, + "privilegeLevel": 2 + } + }, + "pathSets": [ + { + "schemeKeys": [ + "DelegatedWork" + ], + "methods": [ + "GET" + ], + "paths": { + "/me/authentication/phonemethods": "least=DelegatedWork", + "/me/authentication/phonemethods/{id}": "least=DelegatedWork", + "/users/{id}/authentication/phonemethods": "least=DelegatedWork", + "/users/{id}/authentication/phonemethods/{id}": "least=DelegatedWork" + } + } + ], + "ownerInfo": { + "ownerSecurityGroup": "mfateam" + } + }, + "UserAuthMethod-Phone.Read.All": { + "authorizationType": "oAuth2", + "schemes": { + "DelegatedWork": { + "adminDisplayName": "Read all users' phone authentication methods", + "adminDescription": "Allows the app to read phone authentication methods of all users in your organization that the signed-in user has access to. This does not allow the app to see secret information like passwords, or to sign-in or otherwise use the authentication methods.", + "userDisplayName": "Read all users' phone authentication methods", + "userDescription": "Allows the app to read phone authentication methods of all users you have access to in your organization. This does not allow the app to see secret information like passwords, or to sign-in or otherwise use the authentication methods.", + "requiresAdminConsent": true, + "privilegeLevel": 3 + }, + "Application": { + "adminDisplayName": "Read all users' phone authentication methods", + "adminDescription": "Allows the app to read phone authentication methods of all users in your organization, without a signed-in user. This does not allow the app to see secret information like passwords, or to sign-in or otherwise use the authentication methods.", + "requiresAdminConsent": true, + "privilegeLevel": 4 + } + }, + "pathSets": [ + { + "schemeKeys": [ + "DelegatedWork" + ], + "methods": [ + "GET" + ], + "paths": { + "/me/authentication/phonemethods": "", + "/me/authentication/phonemethods/{id}": "" + } + }, + { + "schemeKeys": [ + "DelegatedWork", + "Application" + ], + "methods": [ + "GET" + ], + "paths": { + "/users/{id}/authentication/phonemethods": "least=Application", + "/users/{id}/authentication/phonemethods/{id}": "least=Application" + } + } + ], + "ownerInfo": { + "ownerSecurityGroup": "mfateam" + } + }, + "UserAuthMethod-Phone.ReadWrite": { + "authorizationType": "oAuth2", + "schemes": { + "DelegatedWork": { + "adminDisplayName": "Read and write the signed-in user's phone authentication methods", + "adminDescription": "Allows the app to read and write the signed-in user's phone authentication methods. This does not allow the app to see secret information like passwords, or to sign-in or otherwise use the authentication methods.", + "userDisplayName": "Read and write your phone authentication methods", + "userDescription": "Allows the app to read and write your phone authentication methods. This does not allow the app to see secret information like passwords, or to sign-in or otherwise use the authentication methods.", + "requiresAdminConsent": true, + "privilegeLevel": 3 + } + }, + "pathSets": [ + { + "schemeKeys": [ + "DelegatedWork" + ], + "methods": [ + "GET" + ], + "paths": { + "/me/authentication/phonemethods": "", + "/me/authentication/phonemethods/{id}": "", + "/users/{id}/authentication/phonemethods": "", + "/users/{id}/authentication/phonemethods/{id}": "" + } + }, + { + "schemeKeys": [ + "DelegatedWork" + ], + "methods": [ + "POST" + ], + "paths": { + "/me/authentication/phonemethods": "least=DelegatedWork", + "/me/authentication/phonemethods/{id}/disablesmssignin": "least=DelegatedWork", + "/me/authentication/phonemethods/{id}/enablesmssignin": "least=DelegatedWork", + "/users/{id}/authentication/phonemethods": "least=DelegatedWork", + "/users/{id}/authentication/phonemethods/{id}/disablesmssignin": "least=DelegatedWork", + "/users/{id}/authentication/phonemethods/{id}/enablesmssignin": "least=DelegatedWork" + } + }, + { + "schemeKeys": [ + "DelegatedWork" + ], + "methods": [ + "DELETE", + "PATCH" + ], + "paths": { + "/me/authentication/phonemethods/{id}": "least=DelegatedWork", + "/users/{id}/authentication/phonemethods/{id}": "least=DelegatedWork" + } + } + ], + "ownerInfo": { + "ownerSecurityGroup": "mfateam" + } + }, + "UserAuthMethod-Phone.ReadWrite.All": { + "authorizationType": "oAuth2", + "schemes": { + "DelegatedWork": { + "adminDisplayName": "Read and write all users' phone methods.", + "adminDescription": "Allows the app to read and write Phone methods of all users in your organization that the signed-in user has access to. This does not allow the app to see secret information like passwords, or to sign-in or otherwise use the authentication methods.", + "userDisplayName": "Read and write all users' phone methods", + "userDescription": "Allows the app to read and write phone methods of all users you have access to in your organization. This does not allow the app to see secret information like passwords, or to sign-in or otherwise use the authentication methods.", + "requiresAdminConsent": true, + "privilegeLevel": 4 + }, + "Application": { + "adminDisplayName": "Read and write all users' phone methods", + "adminDescription": "Allows the application to read and write phone methods of all users in your organization, without a signed-in user. This does not allow the app to see secret information like passwords, or to sign-in or otherwise use the authentication methods.", + "requiresAdminConsent": true, + "privilegeLevel": 4 + } + }, + "pathSets": [ + { + "schemeKeys": [ + "DelegatedWork" + ], + "methods": [ + "GET" + ], + "paths": { + "/me/authentication/phonemethods": "", + "/me/authentication/phonemethods/{id}": "" + } + }, + { + "schemeKeys": [ + "DelegatedWork" + ], + "methods": [ + "POST" + ], + "paths": { + "/me/authentication/phonemethods": "", + "/me/authentication/phonemethods/{id}/disablesmssignin": "", + "/me/authentication/phonemethods/{id}/enablesmssignin": "" + } + }, + { + "schemeKeys": [ + "DelegatedWork" + ], + "methods": [ + "DELETE", + "PATCH" + ], + "paths": { + "/me/authentication/phonemethods/{id}": "" + } + }, + { + "schemeKeys": [ + "DelegatedWork", + "Application" + ], + "methods": [ + "GET" + ], + "paths": { + "/users/{id}/authentication/phonemethods": "", + "/users/{id}/authentication/phonemethods/{id}": "" + } + }, + { + "schemeKeys": [ + "DelegatedWork", + "Application" + ], + "methods": [ + "POST" + ], + "paths": { + "/users/{id}/authentication/phonemethods": "least=DelegatedWork,Application", + "/users/{id}/authentication/phonemethods/{id}/disablesmssignin": "least=Application", + "/users/{id}/authentication/phonemethods/{id}/enablesmssignin": "least=Application" + } + }, + { + "schemeKeys": [ + "DelegatedWork", + "Application" + ], + "methods": [ + "DELETE", + "PATCH" + ], + "paths": { + "/users/{id}/authentication/phonemethods/{id}": "least=DelegatedWork,Application" + } + }, + { + "schemeKeys": [ + "DelegatedWork" + ], + "methods": [ + "PUT" + ], + "paths": { + "/users/{id}/authentication/phonemethods/{id}": "least=DelegatedWork" + } + } + ], + "ownerInfo": { + "ownerSecurityGroup": "mfateam" + } + }, + "UserAuthMethod-PlatformCred.Read": { + "authorizationType": "oAuth2", + "schemes": { + "DelegatedWork": { + "adminDisplayName": "Read the signed-in user's platform credential authentication methods", + "adminDescription": "Allows the app to read the signed-in user's platform credential authentication methods. This does not allow the app to see secret information like passwords, or to sign-in or otherwise use the authentication methods.", + "userDisplayName": "Read your platform credential authentication methods", + "userDescription": "Allows the app to read your platform credential authentication methods. This does not allow the app to see secret information like passwords, or to sign-in or otherwise use the authentication methods.", + "requiresAdminConsent": true, + "privilegeLevel": 2 + } + }, + "pathSets": [ + { + "schemeKeys": [ + "DelegatedWork" + ], + "methods": [ + "GET" + ], + "paths": { + "/me/authentication/platformCredentialMethods": "least=DelegatedWork", + "/me/authentication/platformCredentialMethods/{id}": "least=DelegatedWork", + "/users/{id}/authentication/platformCredentialMethods": "least=DelegatedWork", + "/users/{id}/authentication/platformCredentialMethods/{id}": "least=DelegatedWork" + } + } + ], + "ownerInfo": { + "ownerSecurityGroup": "mfateam" + } + }, + "UserAuthMethod-PlatformCred.Read.All": { + "authorizationType": "oAuth2", + "schemes": { + "DelegatedWork": { + "adminDisplayName": "Read all users' platform credentials methods", + "adminDescription": "Allows the app to read platform credentials methods of all users in your organization that the signed-in user has access to. This does not allow the app to see secret information like passwords, or to sign-in or otherwise use the authentication methods.", + "userDisplayName": "Read all users' platform credentials methods", + "userDescription": "Allows the app to read platform credentials methods of all users you have access to in your organization. This does not allow the app to see secret information like passwords, or to sign-in or otherwise use the authentication methods.", + "requiresAdminConsent": true, + "privilegeLevel": 3 + }, + "Application": { + "adminDisplayName": "Read all users' platform credentials methods", + "adminDescription": "Allows the app to read platform credentials methods of all users in your organization, without a signed-in user. This does not allow the app to see secret information like passwords, or to sign-in or otherwise use the authentication methods.", + "requiresAdminConsent": true, + "privilegeLevel": 4 + } + }, + "pathSets": [ + { + "schemeKeys": [ + "DelegatedWork" + ], + "methods": [ + "GET" + ], + "paths": { + "/me/authentication/platformCredentialMethods": "", + "/me/authentication/platformCredentialMethods/{id}": "" + } + }, + { + "schemeKeys": [ + "DelegatedWork", + "Application" + ], + "methods": [ + "GET" + ], + "paths": { + "/users/{id}/authentication/platformCredentialMethods": "least=Application", + "/users/{id}/authentication/platformCredentialMethods/{id}": "least=Application" + } + } + ], + "ownerInfo": { + "ownerSecurityGroup": "mfateam" + } + }, + "UserAuthMethod-PlatformCred.ReadWrite": { + "authorizationType": "oAuth2", + "schemes": { + "DelegatedWork": { + "adminDisplayName": "Read and write the signed-in user's platform credential authentication methods", + "adminDescription": "Allows the app to read and write the signed-in user's platform credential authentication methods. This does not allow the app to see secret information like passwords, or to sign-in or otherwise use the authentication methods.", + "userDisplayName": "Read and write your platform credential authentication methods", + "userDescription": "Allows the app to read and write your platform credential authentication methods. This does not allow the app to see secret information like passwords, or to sign-in or otherwise use the authentication methods.", + "requiresAdminConsent": true, + "privilegeLevel": 3 + } + }, + "pathSets": [ + { + "schemeKeys": [ + "DelegatedWork" + ], + "methods": [ + "GET" + ], + "paths": { + "/me/authentication/platformCredentialMethods": "", + "/me/authentication/platformCredentialMethods/{id}": "", + "/users/{id}/authentication/platformCredentialMethods": "", + "/users/{id}/authentication/platformCredentialMethods/{id}": "" + } + }, + { + "schemeKeys": [ + "DelegatedWork" + ], + "methods": [ + "DELETE" + ], + "paths": { + "/me/authentication/platformCredentialMethods/{id}": "least=DelegatedWork", + "/users/{id}/authentication/platformCredentialMethods/{id}": "least=DelegatedWork" + } + } + ], + "ownerInfo": { + "ownerSecurityGroup": "mfateam" + } + }, + "UserAuthMethod-PlatformCred.ReadWrite.All": { + "authorizationType": "oAuth2", + "schemes": { + "DelegatedWork": { + "adminDisplayName": "Read and write all users' platform credentials methods.", + "adminDescription": "Allows the app to read and write platform credentials methods of all users in your organization that the signed-in user has access to. This does not allow the app to see secret information like passwords, or to sign-in or otherwise use the authentication methods.", + "userDisplayName": "Read and write all users' platform credentials methods", + "userDescription": "Allows the app to read and write platform credentials methods of all users you have access to in your organization. This does not allow the app to see secret information like passwords, or to sign-in or otherwise use the authentication methods.", + "requiresAdminConsent": true, + "privilegeLevel": 4 + }, + "Application": { + "adminDisplayName": "Read and write all users' platform credentials methods", + "adminDescription": "Allows the application to read and write platform credentials methods of all users in your organization, without a signed-in user. This does not allow the app to see secret information like passwords, or to sign-in or otherwise use the authentication methods.", + "requiresAdminConsent": true, + "privilegeLevel": 4 + } + }, + "pathSets": [ + { + "schemeKeys": [ + "DelegatedWork" + ], + "methods": [ + "GET" + ], + "paths": { + "/me/authentication/platformCredentialMethods": "", + "/me/authentication/platformCredentialMethods/{id}": "" + } + }, + { + "schemeKeys": [ + "DelegatedWork" + ], + "methods": [ + "DELETE" + ], + "paths": { + "/me/authentication/platformCredentialMethods/{id}": "least=DelegatedWork" + } + }, + { + "schemeKeys": [ + "DelegatedWork", + "Application" + ], + "methods": [ + "GET" + ], + "paths": { + "/users/{id}/authentication/platformCredentialMethods": "", + "/users/{id}/authentication/platformCredentialMethods/{id}": "" + } + }, + { + "schemeKeys": [ + "DelegatedWork", + "Application" + ], + "methods": [ + "DELETE" + ], + "paths": { + "/users/{id}/authentication/platformCredentialMethods/{id}": "least=DelegatedWork,Application" + } + } + ], + "ownerInfo": { + "ownerSecurityGroup": "mfateam" + } + }, + "UserAuthMethod-QR.Read": { + "authorizationType": "oAuth2", + "schemes": { + "DelegatedWork": { + "adminDisplayName": "Read the signed-in user's QR authentication methods", + "adminDescription": "Allows the app to read the signed-in user's QR authentication methods. This does not allow the app to see secret information like passwords, or to sign-in or otherwise use the authentication methods.", + "userDisplayName": "Read your QR authentication methods", + "userDescription": "Allows the app to read your QR authentication methods. This does not allow the app to see secret information like passwords, or to sign-in or otherwise use the authentication methods.", + "requiresAdminConsent": true, + "privilegeLevel": 2 + } + }, + "pathSets": [ + { + "schemeKeys": [ + "DelegatedWork" + ], + "methods": [ + "GET" + ], + "paths": { + "/me/authentication/qrcodepinmethod": "least=DelegatedWork", + "/me/authentication/qrcodepinmethod/pin": "least=DelegatedWork", + "/me/authentication/qrcodepinmethod/standardqrcode": "least=DelegatedWork", + "/me/authentication/qrcodepinmethod/temporaryqrcode": "least=DelegatedWork", + "/users/{id}/authentication/qrcodepinmethod": "least=DelegatedWork", + "/users/{id}/authentication/qrcodepinmethod/pin": "least=DelegatedWork", + "/users/{id}/authentication/qrcodepinmethod/standardqrcode": "least=DelegatedWork", + "/users/{id}/authentication/qrcodepinmethod/temporaryqrcode": "least=DelegatedWork" + } + } + ], + "ownerInfo": { + "ownerSecurityGroup": "mfateam" + } + }, + "UserAuthMethod-QR.Read.All": { + "authorizationType": "oAuth2", + "schemes": { + "DelegatedWork": { + "adminDisplayName": "Read all users' QR methods", + "adminDescription": "Allows the app to read QR authentication methods of all users in your organization that the signed-in user has access to. This does not allow the app to see secret information like passwords, or to sign-in or otherwise use the authentication methods.", + "userDisplayName": "Read all users' QR methods", + "userDescription": "Allows the app to read QR authentication methods of all users you have access to in your organization. This does not allow the app to see secret information like passwords, or to sign-in or otherwise use the authentication methods.", + "requiresAdminConsent": true, + "privilegeLevel": 3 + }, + "Application": { + "adminDisplayName": "Read all users' QR methods", + "adminDescription": "Allows the app to read QR authentication methods of all users in your organization, without a signed-in user. This does not allow the app to see secret information like passwords, or to sign-in or otherwise use the authentication methods.", + "requiresAdminConsent": true, + "privilegeLevel": 4 + } + }, + "pathSets": [ + { + "schemeKeys": [ + "DelegatedWork" + ], + "methods": [ + "GET" + ], + "paths": { + "/me/authentication/qrcodepinmethod": "", + "/me/authentication/qrcodepinmethod/pin": "", + "/me/authentication/qrcodepinmethod/standardqrcode": "", + "/me/authentication/qrcodepinmethod/temporaryqrcode": "" + } + }, + { + "schemeKeys": [ + "DelegatedWork", + "Application" + ], + "methods": [ + "GET" + ], + "paths": { + "/users/{id}/authentication/qrcodepinmethod": "least=Application", + "/users/{id}/authentication/qrcodepinmethod/pin": "least=Application", + "/users/{id}/authentication/qrcodepinmethod/standardqrcode": "least=Application", + "/users/{id}/authentication/qrcodepinmethod/temporaryqrcode": "least=Application" + } + } + ], + "ownerInfo": { + "ownerSecurityGroup": "mfateam" + } + }, + "UserAuthMethod-QR.ReadWrite": { + "authorizationType": "oAuth2", + "schemes": { + "DelegatedWork": { + "adminDisplayName": "Read and write the signed-in user's QR authentication methods", + "adminDescription": "Allows the app to read and write the signed-in user's QR authentication methods. This does not allow the app to see secret information like passwords, or to sign-in or otherwise use the authentication methods.", + "userDisplayName": "Read and write your QR authentication methods", + "userDescription": "Allows the app to read and write your QR authentication methods. This does not allow the app to see secret information like passwords, or to sign-in or otherwise use the authentication methods.", + "requiresAdminConsent": true, + "privilegeLevel": 3 + } + }, + "pathSets": [ + { + "schemeKeys": [ + "DelegatedWork" + ], + "methods": [ + "GET" + ], + "paths": { + "/me/authentication/qrcodepinmethod": "", + "/me/authentication/qrcodepinmethod/pin": "", + "/me/authentication/qrcodepinmethod/standardqrcode": "", + "/me/authentication/qrcodepinmethod/temporaryqrcode": "", + "/users/{id}/authentication/qrcodepinmethod": "", + "/users/{id}/authentication/qrcodepinmethod/pin": "", + "/users/{id}/authentication/qrcodepinmethod/standardqrcode": "", + "/users/{id}/authentication/qrcodepinmethod/temporaryqrcode": "" + } + }, + { + "schemeKeys": [ + "DelegatedWork" + ], + "methods": [ + "DELETE", + "PATCH" + ], + "paths": { + "/me/authentication/qrcodepinmethod": "least=DelegatedWork", + "/me/authentication/qrcodepinmethod/pin": "least=DelegatedWork", + "/me/authentication/qrcodepinmethod/standardqrcode": "least=DelegatedWork", + "/me/authentication/qrcodepinmethod/temporaryqrcode": "least=DelegatedWork", + "/users/{id}/authentication/qrcodepinmethod": "least=DelegatedWork", + "/users/{id}/authentication/qrcodepinmethod/pin": "least=DelegatedWork", + "/users/{id}/authentication/qrcodepinmethod/standardqrcode": "least=DelegatedWork", + "/users/{id}/authentication/qrcodepinmethod/temporaryqrcode": "least=DelegatedWork" + } + }, + { + "schemeKeys": [ + "DelegatedWork" + ], + "methods": [ + "PUT" + ], + "paths": { + "/me/authentication/qrcodepinmethod": "least=DelegatedWork", + "/users/{id}/authentication/qrcodepinmethod": "least=DelegatedWork" + } + } + ], + "ownerInfo": { + "ownerSecurityGroup": "mfateam" + } + }, + "UserAuthMethod-QR.ReadWrite.All": { + "authorizationType": "oAuth2", + "schemes": { + "DelegatedWork": { + "adminDisplayName": "Read and write all users' QR methods.", + "adminDescription": "Allows the app to read and write QR authentication methods of all users in your organization that the signed-in user has access to. This does not allow the app to see secret information like passwords, or to sign-in or otherwise use the authentication methods.", + "userDisplayName": "Read and write all users' QR methods", + "userDescription": "Allows the app to read and write QR authentication methods of all users you have access to in your organization. This does not allow the app to see secret information like passwords, or to sign-in or otherwise use the authentication methods.", + "requiresAdminConsent": true, + "privilegeLevel": 4 + }, + "Application": { + "adminDisplayName": "Read and write all users' QR methods", + "adminDescription": "Allows the application to read and write QR authentication methods of all users in your organization, without a signed-in user. This does not allow the app to see secret information like passwords, or to sign-in or otherwise use the authentication methods.", + "requiresAdminConsent": true, + "privilegeLevel": 4 + } + }, + "pathSets": [ + { + "schemeKeys": [ + "DelegatedWork" + ], + "methods": [ + "PUT" + ], + "paths": { + "/me/authentication/qrcodepinmethod": "" + } + }, + { + "schemeKeys": [ + "DelegatedWork" + ], + "methods": [ + "DELETE", + "GET", + "PATCH" + ], + "paths": { + "/me/authentication/qrcodepinmethod": "", + "/me/authentication/qrcodepinmethod/pin": "", + "/me/authentication/qrcodepinmethod/standardqrcode": "", + "/me/authentication/qrcodepinmethod/temporaryqrcode": "" + } + }, + { + "schemeKeys": [ + "DelegatedWork", + "Application" + ], + "methods": [ + "PUT" + ], + "paths": { + "/users/{id}/authentication/qrcodepinmethod": "" + } + }, + { + "schemeKeys": [ + "DelegatedWork", + "Application" + ], + "methods": [ + "GET" + ], + "paths": { + "/users/{id}/authentication/qrcodepinmethod": "", + "/users/{id}/authentication/qrcodepinmethod/pin": "", + "/users/{id}/authentication/qrcodepinmethod/standardqrcode": "", + "/users/{id}/authentication/qrcodepinmethod/temporaryqrcode": "" + } + }, + { + "schemeKeys": [ + "DelegatedWork", + "Application" + ], + "methods": [ + "DELETE", + "PATCH" + ], + "paths": { + "/users/{id}/authentication/qrcodepinmethod": "least=DelegatedWork,Application", + "/users/{id}/authentication/qrcodepinmethod/pin": "least=DelegatedWork,Application", + "/users/{id}/authentication/qrcodepinmethod/standardqrcode": "least=DelegatedWork,Application", + "/users/{id}/authentication/qrcodepinmethod/temporaryqrcode": "least=DelegatedWork,Application" + } + } + ], + "ownerInfo": { + "ownerSecurityGroup": "mfateam" + } + }, + "UserAuthMethod-SoftwareOATH.Read": { + "authorizationType": "oAuth2", + "schemes": { + "DelegatedWork": { + "adminDisplayName": "Read the signed-in user's SoftwareOATH authentication methods", + "adminDescription": "Allows the app to read the signed-in user's SoftwareOATH authentication methods. This does not allow the app to see secret information like passwords, or to sign-in or otherwise use the authentication methods.", + "userDisplayName": "Read your SoftwareOATH authentication methods", + "userDescription": "Allows the app to read your SoftwareOATH authentication methods. This does not allow the app to see secret information like passwords, or to sign-in or otherwise use the authentication methods.", + "requiresAdminConsent": true, + "privilegeLevel": 2 + } + }, + "pathSets": [ + { + "schemeKeys": [ + "DelegatedWork" + ], + "methods": [ + "GET" + ], + "paths": { + "/me/authentication/softwareoathmethods": "least=DelegatedWork", + "/me/authentication/softwareoathmethods/{id}": "least=DelegatedWork", + "/users/{id}/authentication/softwareoathmethods": "least=DelegatedWork", + "/users/{id}/authentication/softwareoathmethods/{id}": "least=DelegatedWork" + } + } + ], + "ownerInfo": { + "ownerSecurityGroup": "mfateam" + } + }, + "UserAuthMethod-SoftwareOATH.Read.All": { + "authorizationType": "oAuth2", + "schemes": { + "DelegatedWork": { + "adminDisplayName": "Read all users' SoftwareOATH methods", + "adminDescription": "Allows the app to read SoftwareOATH authentication methods of all users in your organization that the signed-in user has access to. This does not allow the app to see secret information like passwords, or to sign-in or otherwise use the authentication methods.", + "userDisplayName": "Read all users' SoftwareOATH methods", + "userDescription": "Allows the app to read SoftwareOATH authentication methods of all users you have access to in your organization. This does not allow the app to see secret information like passwords, or to sign-in or otherwise use the authentication methods.", + "requiresAdminConsent": true, + "privilegeLevel": 3 + }, + "Application": { + "adminDisplayName": "Read all users' SoftwareOATH methods", + "adminDescription": "Allows the app to read SoftwareOATH authentication methods of all users in your organization, without a signed-in user. This does not allow the app to see secret information like passwords, or to sign-in or otherwise use the authentication methods.", + "requiresAdminConsent": true, + "privilegeLevel": 4 + } + }, + "pathSets": [ + { + "schemeKeys": [ + "DelegatedWork" + ], + "methods": [ + "GET" + ], + "paths": { + "/me/authentication/softwareoathmethods": "", + "/me/authentication/softwareoathmethods/{id}": "" + } + }, + { + "schemeKeys": [ + "DelegatedWork", + "Application" + ], + "methods": [ + "GET" + ], + "paths": { + "/users/{id}/authentication/softwareoathmethods": "least=Application", + "/users/{id}/authentication/softwareoathmethods/{id}": "least=Application" + } + } + ], + "ownerInfo": { + "ownerSecurityGroup": "mfateam" + } + }, + "UserAuthMethod-SoftwareOATH.ReadWrite": { + "authorizationType": "oAuth2", + "schemes": { + "DelegatedWork": { + "adminDisplayName": "Read and write the signed-in user's SoftwareOATH authentication methods", + "adminDescription": "Allows the app to read and write the signed-in user's SoftwareOATH authentication methods. This does not allow the app to see secret information like passwords, or to sign-in or otherwise use the authentication methods.", + "userDisplayName": "Read and write your SoftwareOATH authentication methods", + "userDescription": "Allows the app to read and write your SoftwareOATH authentication methods. This does not allow the app to see secret information like passwords, or to sign-in or otherwise use the authentication methods.", + "requiresAdminConsent": true, + "privilegeLevel": 3 + } + }, + "pathSets": [ + { + "schemeKeys": [ + "DelegatedWork" + ], + "methods": [ + "GET" + ], + "paths": { + "/me/authentication/softwareoathmethods": "", + "/me/authentication/softwareoathmethods/{id}": "", + "/users/{id}/authentication/softwareoathmethods": "", + "/users/{id}/authentication/softwareoathmethods/{id}": "" + } + }, + { + "schemeKeys": [ + "DelegatedWork" + ], + "methods": [ + "DELETE" + ], + "paths": { + "/me/authentication/softwareoathmethods/{id}": "least=DelegatedWork", + "/users/{id}/authentication/softwareoathmethods/{id}": "least=DelegatedWork" + } + } + ], + "ownerInfo": { + "ownerSecurityGroup": "mfateam" + } + }, + "UserAuthMethod-SoftwareOATH.ReadWrite.All": { + "authorizationType": "oAuth2", + "schemes": { + "DelegatedWork": { + "adminDisplayName": "Read and write all users' SoftwareOATH methods.", + "adminDescription": "Allows the app to read and write SoftwareOATH authentication methods of all users in your organization that the signed-in user has access to. This does not allow the app to see secret information like passwords, or to sign-in or otherwise use the authentication methods.", + "userDisplayName": "Read and write all users' SoftwareOATH methods", + "userDescription": "Allows the app to read and write SoftwareOATH authentication methods of all users you have access to in your organization. This does not allow the app to see secret information like passwords, or to sign-in or otherwise use the authentication methods.", + "requiresAdminConsent": true, + "privilegeLevel": 4 + }, + "Application": { + "adminDisplayName": "Read and write all users' SoftwareOATH methods", + "adminDescription": "Allows the application to read and write SoftwareOATH authentication methods of all users in your organization, without a signed-in user. This does not allow the app to see secret information like passwords, or to sign-in or otherwise use the authentication methods.", + "requiresAdminConsent": true, + "privilegeLevel": 4 + } + }, + "pathSets": [ + { + "schemeKeys": [ + "DelegatedWork" + ], + "methods": [ + "GET" + ], + "paths": { + "/me/authentication/softwareoathmethods": "", + "/me/authentication/softwareoathmethods/{id}": "" + } + }, + { + "schemeKeys": [ + "DelegatedWork" + ], + "methods": [ + "DELETE" + ], + "paths": { + "/me/authentication/softwareoathmethods/{id}": "" + } + }, + { + "schemeKeys": [ + "DelegatedWork", + "Application" + ], + "methods": [ + "GET" + ], + "paths": { + "/users/{id}/authentication/softwareoathmethods": "", + "/users/{id}/authentication/softwareoathmethods/{id}": "" + } + }, + { + "schemeKeys": [ + "DelegatedWork", + "Application" + ], + "methods": [ + "DELETE" + ], + "paths": { + "/users/{id}/authentication/softwareoathmethods/{id}": "least=Application" + } + } + ], + "ownerInfo": { + "ownerSecurityGroup": "mfateam" + } + }, + "UserAuthMethod-TAP.Read": { + "authorizationType": "oAuth2", + "schemes": { + "DelegatedWork": { + "adminDisplayName": "Read the signed-in user's Temporary Access Pass authentication methods", + "adminDescription": "Allows the app to read the signed-in user's Temporary Access Pass authentication methods. This does not allow the app to see secret information like passwords, or to sign-in or otherwise use the authentication methods.", + "userDisplayName": "Read your Temporary Access Pass authentication methods", + "userDescription": "Allows the app to read your Temporary Access Pass authentication methods. This does not allow the app to see secret information like passwords, or to sign-in or otherwise use the authentication methods.", + "requiresAdminConsent": true, + "privilegeLevel": 2 + } + }, + "pathSets": [ + { + "schemeKeys": [ + "DelegatedWork" + ], + "methods": [ + "GET" + ], + "paths": { + "/me/authentication/temporaryaccesspassmethods": "least=DelegatedWork", + "/me/authentication/temporaryaccesspassmethods/{id}": "least=DelegatedWork", + "/users/{id}/authentication/temporaryaccesspassmethods": "least=DelegatedWork", + "/users/{id}/authentication/temporaryaccesspassmethods/{id}": "least=DelegatedWork" + } + } + ], + "ownerInfo": { + "ownerSecurityGroup": "mfateam" + } + }, + "UserAuthMethod-TAP.Read.All": { + "authorizationType": "oAuth2", + "schemes": { + "DelegatedWork": { + "adminDisplayName": "Read all users' Temporary Access Pass methods", + "adminDescription": "Allows the app to read Temporary Access Pass authentication methods of all users in your organization that the signed-in user has access to. This does not allow the app to see secret information like passwords, or to sign-in or otherwise use the authentication methods.", + "userDisplayName": "Read all users' Temporary Access Pass methods", + "userDescription": "Allows the app to read Temporary Access Pass authentication methods of all users you have access to in your organization. This does not allow the app to see secret information like passwords, or to sign-in or otherwise use the authentication methods.", + "requiresAdminConsent": true, + "privilegeLevel": 3 + }, + "Application": { + "adminDisplayName": "Read all users' Temporary Access Pass methods", + "adminDescription": "Allows the app to read Temporary Access Pass authentication methods of all users in your organization, without a signed-in user. This does not allow the app to see secret information like passwords, or to sign-in or otherwise use the authentication methods.", + "requiresAdminConsent": true, + "privilegeLevel": 4 + } + }, + "pathSets": [ + { + "schemeKeys": [ + "DelegatedWork" + ], + "methods": [ + "GET" + ], + "paths": { + "/me/authentication/temporaryaccesspassmethods": "", + "/me/authentication/temporaryaccesspassmethods/{id}": "" + } + }, + { + "schemeKeys": [ + "DelegatedWork", + "Application" + ], + "methods": [ + "GET" + ], + "paths": { + "/users/{id}/authentication/temporaryaccesspassmethods": "least=Application", + "/users/{id}/authentication/temporaryaccesspassmethods/{id}": "least=Application" + } + } + ], + "ownerInfo": { + "ownerSecurityGroup": "mfateam" + } + }, + "UserAuthMethod-TAP.ReadWrite": { + "authorizationType": "oAuth2", + "schemes": { + "DelegatedWork": { + "adminDisplayName": "Read and write the signed-in user's Temporary Access Pass authentication methods", + "adminDescription": "Allows the app to read and write the signed-in user's Temporary Access Pass authentication methods. This does not allow the app to see secret information like passwords, or to sign-in or otherwise use the authentication methods.", + "userDisplayName": "Read and write your Temporary Access Pass authentication methods", + "userDescription": "Allows the app to read and write your Temporary Access Pass authentication methods. This does not allow the app to see secret information like passwords, or to sign-in or otherwise use the authentication methods.", + "requiresAdminConsent": true, + "privilegeLevel": 3 + } + }, + "pathSets": [ + { + "schemeKeys": [ + "DelegatedWork" + ], + "methods": [ + "GET" + ], + "paths": { + "/me/authentication/temporaryaccesspassmethods": "", + "/me/authentication/temporaryaccesspassmethods/{id}": "", + "/users/{id}/authentication/temporaryaccesspassmethods": "", + "/users/{id}/authentication/temporaryaccesspassmethods/{id}": "" + } + }, + { + "schemeKeys": [ + "DelegatedWork" + ], + "methods": [ + "DELETE" + ], + "paths": { + "/me/authentication/temporaryaccesspassmethods/{id}": "least=DelegatedWork", + "/users/{id}/authentication/temporaryaccesspassmethods/{id}": "least=DelegatedWork" + } + }, + { + "schemeKeys": [ + "DelegatedWork" + ], + "methods": [ + "POST" + ], + "paths": { + "/me/authentication/temporaryaccesspassmethods": "least=DelegatedWork" + } + } + ], + "ownerInfo": { + "ownerSecurityGroup": "mfateam" + } + }, + "UserAuthMethod-TAP.ReadWrite.All": { + "authorizationType": "oAuth2", + "schemes": { + "DelegatedWork": { + "adminDisplayName": "Read and write all users' Temporary Access Pass methods.", + "adminDescription": "Allows the app to read and write Temporary Access Pass authentication methods of all users in your organization that the signed-in user has access to. This does not allow the app to see secret information like passwords, or to sign-in or otherwise use the authentication methods.", + "userDisplayName": "Read and write all users' Temporary Access Pass methods", + "userDescription": "Allows the app to read and write Temporary Access Pass authentication methods of all users you have access to in your organization. This does not allow the app to see secret information like passwords, or to sign-in or otherwise use the authentication methods.", + "requiresAdminConsent": true, + "privilegeLevel": 4 + }, + "Application": { + "adminDisplayName": "Read and write all users' Temporary Access Pass methods", + "adminDescription": "Allows the application to read and write Temporary Access Pass authentication methods of all users in your organization, without a signed-in user. This does not allow the app to see secret information like passwords, or to sign-in or otherwise use the authentication methods.", + "requiresAdminConsent": true, + "privilegeLevel": 4 + } + }, + "pathSets": [ + { + "schemeKeys": [ + "DelegatedWork" + ], + "methods": [ + "GET" + ], + "paths": { + "/me/authentication/temporaryaccesspassmethods": "", + "/me/authentication/temporaryaccesspassmethods/{id}": "" + } + }, + { + "schemeKeys": [ + "DelegatedWork" + ], + "methods": [ + "DELETE" + ], + "paths": { + "/me/authentication/temporaryaccesspassmethods/{id}": "least=DelegatedWork" + } + }, + { + "schemeKeys": [ + "DelegatedWork" + ], + "methods": [ + "POST" + ], + "paths": { + "/me/authentication/temporaryaccesspassmethods": "" + } + }, + { + "schemeKeys": [ + "DelegatedWork", + "Application" + ], + "methods": [ + "GET" + ], + "paths": { + "/users/{id}/authentication/temporaryaccesspassmethods": "", + "/users/{id}/authentication/temporaryaccesspassmethods/{id}": "" + } + }, + { + "schemeKeys": [ + "DelegatedWork", + "Application" + ], + "methods": [ + "POST" + ], + "paths": { + "/users/{id}/authentication/temporaryaccesspassmethods": "least=DelegatedWork,Application" + } + }, + { + "schemeKeys": [ + "DelegatedWork", + "Application" + ], + "methods": [ + "DELETE" + ], + "paths": { + "/users/{id}/authentication/temporaryaccesspassmethods/{id}": "least=DelegatedWork,Application" + } + } + ], + "ownerInfo": { + "ownerSecurityGroup": "mfateam" + } + }, + "UserAuthMethod-WindowsHello.Read": { + "authorizationType": "oAuth2", + "schemes": { + "DelegatedWork": { + "adminDisplayName": "Read the signed-in user's Windows Hello methods", + "adminDescription": "Allows the app to read the signed-in user's Windows Hello authentication methods. This does not allow the app to see secret information like passwords, or to sign-in or otherwise use the authentication methods.", + "userDisplayName": "Read your Windows Hello authentication methods", + "userDescription": "Allows the app to read your Windows Hello authentication methods. This does not allow the app to see secret information like passwords, or to sign-in or otherwise use the authentication methods.", + "requiresAdminConsent": true, + "privilegeLevel": 2 + } + }, + "pathSets": [ + { + "schemeKeys": [ + "DelegatedWork" + ], + "methods": [ + "GET" + ], + "paths": { + "/me/authentication/windowshelloforbusinessmethods": "least=DelegatedWork", + "/me/authentication/windowshelloforbusinessmethods/{id}": "least=DelegatedWork", + "/users/{id}/authentication/windowshelloforbusinessmethods": "least=DelegatedWork", + "/users/{id}/authentication/windowshelloforbusinessmethods/{id}": "least=DelegatedWork" + } + } + ], + "ownerInfo": { + "ownerSecurityGroup": "mfateam" + } + }, + "UserAuthMethod-WindowsHello.Read.All": { + "authorizationType": "oAuth2", + "schemes": { + "DelegatedWork": { + "adminDisplayName": "Read all users' Windows Hello methods", + "adminDescription": "Allows the app to read Windows Hello authentication methods of all users in your organization that the signed-in user has access to. This does not allow the app to see secret information like passwords, or to sign-in or otherwise use the authentication methods.", + "userDisplayName": "Read all users' Windows Hello methods", + "userDescription": "Allows the app to read Windows Hello authentication methods of all users you have access to in your organization. This does not allow the app to see secret information like passwords, or to sign-in or otherwise use the authentication methods.", + "requiresAdminConsent": true, + "privilegeLevel": 3 + }, + "Application": { + "adminDisplayName": "Read all users' Windows Hello methods", + "adminDescription": "Allows the app to read Windows Hello authentication methods of all users in your organization, without a signed-in user. This does not allow the app to see secret information like passwords, or to sign-in or otherwise use the authentication methods.", + "requiresAdminConsent": true, + "privilegeLevel": 4 + } + }, + "pathSets": [ + { + "schemeKeys": [ + "DelegatedWork" + ], + "methods": [ + "GET" + ], + "paths": { + "/me/authentication/windowshelloforbusinessmethods": "", + "/me/authentication/windowshelloforbusinessmethods/{id}": "" + } + }, + { + "schemeKeys": [ + "DelegatedWork", + "Application" + ], + "methods": [ + "GET" + ], + "paths": { + "/users/{id}/authentication/windowshelloforbusinessmethods": "least=Application", + "/users/{id}/authentication/windowshelloforbusinessmethods/{id}": "least=Application" + } + } + ], + "ownerInfo": { + "ownerSecurityGroup": "mfateam" + } + }, + "UserAuthMethod-WindowsHello.ReadWrite": { + "authorizationType": "oAuth2", + "schemes": { + "DelegatedWork": { + "adminDisplayName": "Read and write the signed-in user's Windows Hello authentication methods", + "adminDescription": "Allows the app to read and write the signed-in user's Windows Hello authentication methods. This does not allow the app to see secret information like passwords, or to sign-in or otherwise use the authentication methods.", + "userDisplayName": "Read and write your Windows Hello authentication methods", + "userDescription": "Allows the app to read and write your Windows Hello authentication methods. This does not allow the app to see secret information like passwords, or to sign-in or otherwise use the authentication methods.", + "requiresAdminConsent": true, + "privilegeLevel": 3 + } + }, + "pathSets": [ + { + "schemeKeys": [ + "DelegatedWork" + ], + "methods": [ + "GET" + ], + "paths": { + "/me/authentication/windowshelloforbusinessmethods": "", + "/me/authentication/windowshelloforbusinessmethods/{id}": "", + "/users/{id}/authentication/windowshelloforbusinessmethods": "", + "/users/{id}/authentication/windowshelloforbusinessmethods/{id}": "" + } + }, + { + "schemeKeys": [ + "DelegatedWork" + ], + "methods": [ + "DELETE" + ], + "paths": { + "/me/authentication/windowshelloforbusinessmethods/{id}": "least=DelegatedWork", + "/users/{id}/authentication/windowshelloforbusinessmethods/{id}": "least=DelegatedWork" + } + } + ], + "ownerInfo": { + "ownerSecurityGroup": "mfateam" + } + }, + "UserAuthMethod-WindowsHello.ReadWrite.All": { + "authorizationType": "oAuth2", + "schemes": { + "DelegatedWork": { + "adminDisplayName": "Read and write all users' Windows Hello methods.", + "adminDescription": "Allows the app to read and write Windows Hello authentication methods of all users in your organization that the signed-in user has access to. This does not allow the app to see secret information like passwords, or to sign-in or otherwise use the authentication methods.", + "userDisplayName": "Read and write all users' Windows Hello methods", + "userDescription": "Allows the app to read and write Windows Hello authentication methods of all users you have access to in your organization. This does not allow the app to see secret information like passwords, or to sign-in or otherwise use the authentication methods.", + "requiresAdminConsent": true, + "privilegeLevel": 4 + }, + "Application": { + "adminDisplayName": "Read and write all users' Windows Hello authentication methods", + "adminDescription": "Allows the application to read and write Windows Hello authentication methods of all users in your organization, without a signed-in user. This does not allow the app to see secret information like passwords, or to sign-in or otherwise use the authentication methods.", + "requiresAdminConsent": true, + "privilegeLevel": 4 + } + }, + "pathSets": [ + { + "schemeKeys": [ + "DelegatedWork" + ], + "methods": [ + "GET" + ], + "paths": { + "/me/authentication/windowshelloforbusinessmethods": "", + "/me/authentication/windowshelloforbusinessmethods/{id}": "" + } + }, + { + "schemeKeys": [ + "DelegatedWork" + ], + "methods": [ + "DELETE" + ], + "paths": { + "/me/authentication/windowshelloforbusinessmethods/{id}": "least=DelegatedWork" + } + }, + { + "schemeKeys": [ + "DelegatedWork", + "Application" + ], + "methods": [ + "GET" + ], + "paths": { + "/users/{id}/authentication/windowshelloforbusinessmethods": "", + "/users/{id}/authentication/windowshelloforbusinessmethods/{id}": "" + } + }, + { + "schemeKeys": [ + "DelegatedWork", + "Application" + ], + "methods": [ + "DELETE" + ], + "paths": { + "/users/{id}/authentication/windowshelloforbusinessmethods/{id}": "least=DelegatedWork,Application" + } + } + ], + "ownerInfo": { + "ownerSecurityGroup": "mfateam" + } + }, + "UserCloudClipboard.Read": { + "authorizationType": "oAuth2", + "schemes": { + "DelegatedWork": { + "adminDisplayName": "Read cloud clipboard items", + "adminDescription": "Allows the app to read cloud clipboard data on behalf of the signed-in user.", + "userDisplayName": "Read cloud clipboard items", + "userDescription": "Allows the app to read your cloud clipboard items.", + "requiresAdminConsent": false + }, + "DelegatedPersonal": { + "adminDisplayName": "Read cloud clipboard items", + "adminDescription": "Allows the app to read cloud clipboard data on behalf of the signed-in user.", + "userDisplayName": "Read cloud clipboard items", + "userDescription": "Allows the app to read your cloud clipboard items.", + "requiresAdminConsent": false + } + }, + "pathSets": [ + { + "schemeKeys": [ + "DelegatedWork", + "DelegatedPersonal" + ], + "methods": [ + "GET" + ], + "paths": { + "/me/cloudClipboard/items": "least=DelegatedWork,DelegatedPersonal", + "/me/cloudClipboard/items/{id}": "least=DelegatedWork,DelegatedPersonal", + "/users/{id}/cloudClipboard/items": "least=DelegatedWork,DelegatedPersonal", + "/users/{id}/cloudClipboard/items/{id}": "least=DelegatedWork,DelegatedPersonal" + } + } + ], + "ownerInfo": { + "ownerSecurityGroup": "afsdev" + } + }, + "UserShiftPreferences.Read.All": { + "authorizationType": "oAuth2", + "schemes": { + "Application": { + "adminDisplayName": "Read all user shift preferences", + "adminDescription": "Allows the app to read all users' shift schedule preferences without a signed-in user.", + "requiresAdminConsent": true, + "privilegeLevel": 4 + } + }, + "pathSets": [ + { + "schemeKeys": [ + "Application" + ], + "methods": [ + "GET" + ], + "paths": { + "/users/{id}/settings/shiftpreferences": "least=Application" + } + } + ], + "ownerInfo": {} + }, + "UserShiftPreferences.ReadWrite.All": { + "authorizationType": "oAuth2", + "schemes": { + "Application": { + "adminDisplayName": "Read and write all user shift preferences", + "adminDescription": "Allows the app to manage all users' shift schedule preferences without a signed-in user.", + "requiresAdminConsent": true, + "privilegeLevel": 4 + } + }, + "pathSets": [ + { + "schemeKeys": [ + "Application" + ], + "methods": [ + "GET", + "PATCH" + ], + "paths": { + "/users/{id}/settings/shiftpreferences": "least=Application" + } + } + ], + "ownerInfo": {} + }, + "UserTeamwork.Read": { + "authorizationType": "oAuth2", + "schemes": { + "DelegatedWork": { + "adminDisplayName": "Read user teamwork settings", + "adminDescription": "Allows the app to read the teamwork settings of the signed-in user.", + "userDisplayName": "Read your teamwork settings.", + "userDescription": "Allows the app to read your teamwork settings, on your behalf.", + "requiresAdminConsent": true, + "privilegeLevel": 2 + } + }, + "pathSets": [ + { + "schemeKeys": [ + "DelegatedWork" + ], + "methods": [ + "GET" + ], + "paths": { + "/users/{id}/teamwork": "least=DelegatedWork" + } + } + ], + "ownerInfo": { + "ownerSecurityGroup": "TeamsPermissions" + } + }, + "UserTeamwork.Read.All": { + "authorizationType": "oAuth2", + "schemes": { + "Application": { + "adminDisplayName": "Read all user teamwork settings", + "adminDescription": "Allows the app to read all user teamwork settings without a signed-in user.", + "requiresAdminConsent": true, + "privilegeLevel": 4 + } + }, + "pathSets": [ + { + "schemeKeys": [ + "Application" + ], + "methods": [ + "GET" + ], + "paths": { + "/users/{id}/teamwork": "least=Application" + } + } + ], + "ownerInfo": { + "ownerSecurityGroup": "TeamsPermissions" + } + }, + "UserWindowsSettings.Read": { + "authorizationType": "oAuth2", + "schemes": { + "DelegatedWork": { + "adminDisplayName": "Read windows settings and their values stored for all devices in cloud", + "adminDescription": "Allows the app to read windows settings which are stored in cloud and their values on behalf of the signed-in user.", + "userDisplayName": "Read windows settings and their values stored for all devices in cloud", + "userDescription": "Allows the app to read your windows settings which are stored in cloud and their values.", + "requiresAdminConsent": false + }, + "DelegatedPersonal": { + "adminDisplayName": "Read windows settings and their values stored for all devices in cloud", + "adminDescription": "Allows the app to read windows settings which are stored in cloud and their values on behalf of the signed-in user.", + "userDisplayName": "Read windows settings and their values stored for all devices in cloud", + "userDescription": "Allows the app to read your windows settings which are stored in cloud and their values.", + "requiresAdminConsent": false + } + }, + "pathSets": [ + { + "schemeKeys": [ + "DelegatedWork", + "DelegatedPersonal" + ], + "methods": [ + "GET" + ], + "paths": { + "/me/settings/windows": "least=DelegatedWork,DelegatedPersonal", + "/me/settings/windows/{id}": "least=DelegatedWork,DelegatedPersonal", + "/me/settings/windows/{id}/instances": "least=DelegatedWork,DelegatedPersonal", + "/me/settings/windows/{id}/instances/{id}": "least=DelegatedWork,DelegatedPersonal", + "/users/{id}/settings/windows": "least=DelegatedWork,DelegatedPersonal", + "/users/{id}/settings/windows/{id}": "least=DelegatedWork,DelegatedPersonal", + "/users/{id}/settings/windows/{id}/instances": "least=DelegatedWork,DelegatedPersonal", + "/users/{id}/settings/windows/{id}/instances/{id}": "least=DelegatedWork,DelegatedPersonal" + } + } + ], + "ownerInfo": { + "ownerSecurityGroup": "afsdev" + } + }, + "UserWindowsSettings.Read.All": { + "authorizationType": "oAuth2", + "schemes": { + "DelegatedWork": { + "adminDisplayName": "Read windows settings for all devices", + "adminDescription": "Allows the app to read a user's windows settings which are stored in cloud and their values on behalf of the signed-in user.", + "userDisplayName": "Read your windows settings for all devices", + "userDescription": "Allows the app to read your windows settings which are stored in cloud and their values.", + "requiresAdminConsent": true, + "privilegeLevel": 2 + } + }, + "pathSets": [ + { + "schemeKeys": [ + "DelegatedWork" + ], + "methods": [ + "GET" + ], + "paths": { + "/users/{id}/settings/windows": "", + "/users/{id}/settings/windows/{id}": "", + "/users/{id}/settings/windows/{id}/instances": "", + "/users/{id}/settings/windows/{id}/instances/{id}": "" + } + } + ], + "ownerInfo": { + "ownerSecurityGroup": "afsdev" + } + }, + "UserWindowsSettings.ReadWrite.All": { + "authorizationType": "oAuth2", + "schemes": { + "DelegatedWork": { + "adminDisplayName": "Read and write windows settings for all devices", + "adminDescription": "Allows the app to read and write a user's windows settings which are stored in cloud and their values on behalf of the signed-in user.", + "userDisplayName": "Read and write your windows settings for all devices", + "userDescription": "Allows the app to read and write your windows settings which are stored in cloud and their values.", + "requiresAdminConsent": true, + "privilegeLevel": 3 + } + }, + "pathSets": [ + { + "schemeKeys": [ + "DelegatedWork" + ], + "methods": [ + "DELETE", + "GET" + ], + "paths": { + "/users/{id}/settings/windows": "least=DelegatedWork" + } + } + ], + "ownerInfo": { + "ownerSecurityGroup": "afsdev" + } + }, + "VerifiedId-Profile.Read.All": { + "authorizationType": "oAuth2", + "schemes": { + "DelegatedWork": { + "adminDisplayName": "Read Verified Id profiles", + "adminDescription": "This role can read Verified Id profiles in a tenant.", + "userDisplayName": "Read Verified Id profiles", + "userDescription": "This role can read Verified Id profiles in a tenant.", + "requiresAdminConsent": true, + "privilegeLevel": 3 + }, + "Application": { + "adminDisplayName": "Read Verified Id profiles", + "adminDescription": "This role can read Verified Id profiles in a tenant.", + "requiresAdminConsent": true, + "privilegeLevel": 4 + } + }, + "pathSets": [ + { + "schemeKeys": [ + "DelegatedWork", + "Application" + ], + "methods": [ + "GET" + ], + "paths": { + "/identity/verifiedId/profiles": "least=DelegatedWork,Application", + "/identity/verifiedId/profiles/{id}": "least=DelegatedWork,Application" + } + } + ], + "ownerInfo": { + "ownerSecurityGroup": "cred_recovery" + } + }, + "VerifiedId-Profile.ReadWrite.All": { + "authorizationType": "oAuth2", + "schemes": { + "DelegatedWork": { + "adminDisplayName": "Read and write Verified Id profiles", + "adminDescription": "This role can read and write Verified Id profiles in a tenant.", + "userDisplayName": "Read and write Verified Id profiles", + "userDescription": "This role can read and write Verified Id profiles in a tenant.", + "requiresAdminConsent": true, + "privilegeLevel": 4 + } + }, + "pathSets": [ + { + "schemeKeys": [ + "DelegatedWork" + ], + "methods": [ + "DELETE", + "GET", + "PATCH", + "POST" + ], + "paths": { + "/identity/verifiedId/profiles": "least=DelegatedWork", + "/identity/verifiedId/profiles/{id}": "least=DelegatedWork" + } + } + ], + "ownerInfo": { + "ownerSecurityGroup": "cred_recovery" } }, "VirtualAppointment.Read": { diff --git a/permissions/new/provisioningInfo.json b/permissions/new/provisioningInfo.json index ec9ae144..ed251110 100644 --- a/permissions/new/provisioningInfo.json +++ b/permissions/new/provisioningInfo.json @@ -154,6 +154,144 @@ "resourceAppId": "00000003-0000-0000-c000-000000000000" } ], + "AgentInstance.Read.All": [ + { + "id": "", + "scheme": "DelegatedWork", + "environment": "public", + "isHidden": true, + "isEnabled": false, + "resourceAppId": "9c31bd49-9f18-4580-84a0-e6e6dbd13640" + }, + { + "id": "", + "scheme": "Application", + "environment": "public", + "isHidden": true, + "isEnabled": false, + "resourceAppId": "9c31bd49-9f18-4580-84a0-e6e6dbd13640" + } + ], + "AgentInstance.ReadWrite.All": [ + { + "id": "", + "scheme": "DelegatedWork", + "environment": "public", + "isHidden": true, + "isEnabled": false, + "resourceAppId": "9c31bd49-9f18-4580-84a0-e6e6dbd13640" + }, + { + "id": "", + "scheme": "Application", + "environment": "public", + "isHidden": true, + "isEnabled": false, + "resourceAppId": "9c31bd49-9f18-4580-84a0-e6e6dbd13640" + } + ], + "AgentInstance.ReadWrite.ManagedBy": [ + { + "id": "", + "scheme": "Application", + "environment": "public", + "isHidden": true, + "isEnabled": false, + "resourceAppId": "9c31bd49-9f18-4580-84a0-e6e6dbd13640" + } + ], + "AgentCard.Read.All": [ + { + "id": "", + "scheme": "DelegatedWork", + "environment": "public", + "isHidden": true, + "isEnabled": false, + "resourceAppId": "9c31bd49-9f18-4580-84a0-e6e6dbd13640" + }, + { + "id": "", + "scheme": "Application", + "environment": "public", + "isHidden": true, + "isEnabled": false, + "resourceAppId": "9c31bd49-9f18-4580-84a0-e6e6dbd13640" + } + ], + "AgentCard.ReadWrite.All": [ + { + "id": "", + "scheme": "DelegatedWork", + "environment": "public", + "isHidden": true, + "isEnabled": false, + "resourceAppId": "9c31bd49-9f18-4580-84a0-e6e6dbd13640" + }, + { + "id": "", + "scheme": "Application", + "environment": "public", + "isHidden": true, + "isEnabled": false, + "resourceAppId": "9c31bd49-9f18-4580-84a0-e6e6dbd13640" + } + ], + "AgentCard.ReadWrite.ManagedBy": [ + { + "id": "", + "scheme": "Application", + "environment": "public", + "isHidden": true, + "isEnabled": false, + "resourceAppId": "9c31bd49-9f18-4580-84a0-e6e6dbd13640" + } + ], + "AgentCollection.Read.All": [ + { + "id": "", + "scheme": "DelegatedWork", + "environment": "public", + "isHidden": true, + "isEnabled": false, + "resourceAppId": "9c31bd49-9f18-4580-84a0-e6e6dbd13640" + }, + { + "id": "", + "scheme": "Application", + "environment": "public", + "isHidden": true, + "isEnabled": false, + "resourceAppId": "9c31bd49-9f18-4580-84a0-e6e6dbd13640" + } + ], + "AgentCollection.ReadWrite.All": [ + { + "id": "", + "scheme": "DelegatedWork", + "environment": "public", + "isHidden": true, + "isEnabled": false, + "resourceAppId": "9c31bd49-9f18-4580-84a0-e6e6dbd13640" + }, + { + "id": "", + "scheme": "Application", + "environment": "public", + "isHidden": true, + "isEnabled": false, + "resourceAppId": "9c31bd49-9f18-4580-84a0-e6e6dbd13640" + } + ], + "AgentCollection.ReadWrite.ManagedBy": [ + { + "id": "", + "scheme": "Application", + "environment": "public", + "isHidden": true, + "isEnabled": false, + "resourceAppId": "9c31bd49-9f18-4580-84a0-e6e6dbd13640" + } + ], "AgentIdentityBlueprint.CreateAsManager": [ { "id": "ecf9c9c0-b7d6-48c0-8ad6-7b00493a2efb", @@ -370,6 +508,232 @@ "resourceAppId": "00000003-0000-0000-c000-000000000000" } ], + "AgentIdentityBlueprint.Read.All": [ + { + "id": "", + "scheme": "Application", + "environment": "PPE;public", + "isHidden": true, + "isEnabled": true, + "resourceAppId": "00000003-0000-0000-c000-000000000000" + }, + { + "id": "", + "scheme": "DelegatedWork", + "environment": "PPE;public", + "isHidden": true, + "isEnabled": true, + "resourceAppId": "00000003-0000-0000-c000-000000000000" + } + ], + "AgentIdentityBlueprint.Create": [ + { + "id": "", + "scheme": "Application", + "environment": "PPE;public", + "isHidden": true, + "isEnabled": true, + "resourceAppId": "00000003-0000-0000-c000-000000000000" + }, + { + "id": "", + "scheme": "DelegatedWork", + "environment": "PPE;public", + "isHidden": true, + "isEnabled": true, + "resourceAppId": "00000003-0000-0000-c000-000000000000" + } + ], + "AgentIdentityBlueprint.DeleteRestore.All": [ + { + "id": "", + "scheme": "Application", + "environment": "PPE;public", + "isHidden": true, + "isEnabled": true, + "resourceAppId": "00000003-0000-0000-c000-000000000000" + }, + { + "id": "", + "scheme": "DelegatedWork", + "environment": "PPE;public", + "isHidden": true, + "isEnabled": true, + "resourceAppId": "00000003-0000-0000-c000-000000000000" + } + ], + "AgentIdentityBlueprint.ReadWrite.All": [ + { + "id": "", + "scheme": "Application", + "environment": "PPE;public", + "isHidden": true, + "isEnabled": false, + "resourceAppId": "00000003-0000-0000-c000-000000000000" + }, + { + "id": "", + "scheme": "DelegatedWork", + "environment": "PPE;public", + "isHidden": true, + "isEnabled": false, + "resourceAppId": "00000003-0000-0000-c000-000000000000" + } + ], + "AgentIdentityBlueprint.UpdateAuthorization.All": [ + { + "id": "", + "scheme": "Application", + "environment": "PPE;public", + "isHidden": true, + "isEnabled": false, + "resourceAppId": "00000003-0000-0000-c000-000000000000" + }, + { + "id": "", + "scheme": "DelegatedWork", + "environment": "PPE;public", + "isHidden": true, + "isEnabled": false, + "resourceAppId": "00000003-0000-0000-c000-000000000000" + } + ], + "AgentIdentityBlueprint.UpdateBranding.All": [ + { + "id": "", + "scheme": "Application", + "environment": "PPE;public", + "isHidden": true, + "isEnabled": false, + "resourceAppId": "00000003-0000-0000-c000-000000000000" + }, + { + "id": "", + "scheme": "DelegatedWork", + "environment": "PPE;public", + "isHidden": true, + "isEnabled": false, + "resourceAppId": "00000003-0000-0000-c000-000000000000" + } + ], + "AgentIdentityBlueprint.AddRemoveCreds.All": [ + { + "id": "", + "scheme": "Application", + "environment": "PPE;public", + "isHidden": true, + "isEnabled": false, + "resourceAppId": "00000003-0000-0000-c000-000000000000" + }, + { + "id": "", + "scheme": "DelegatedWork", + "environment": "PPE;public", + "isHidden": true, + "isEnabled": false, + "resourceAppId": "00000003-0000-0000-c000-000000000000" + } + ], + "AgentIdentityBlueprintPrincipal.CreateAsManager": [ + { + "id": "c50c596a-6889-4460-acb1-3ed7c5fc142a", + "scheme": "Application", + "environment": "PPE;public", + "isHidden": true, + "isEnabled": false, + "resourceAppId": "00000003-0000-0000-c000-000000000000" + } + ], + "AgentIdentityBlueprintPrincipal.Read.All": [ + { + "id": "", + "scheme": "Application", + "environment": "PPE;public", + "isHidden": true, + "isEnabled": true, + "resourceAppId": "00000003-0000-0000-c000-000000000000" + }, + { + "id": "", + "scheme": "DelegatedWork", + "environment": "PPE;public", + "isHidden": true, + "isEnabled": true, + "resourceAppId": "00000003-0000-0000-c000-000000000000" + } + ], + "AgentIdentityBlueprintPrincipal.ReadWrite.All": [ + { + "id": "", + "scheme": "Application", + "environment": "PPE;public", + "isHidden": true, + "isEnabled": false, + "resourceAppId": "00000003-0000-0000-c000-000000000000" + }, + { + "id": "", + "scheme": "DelegatedWork", + "environment": "PPE;public", + "isHidden": true, + "isEnabled": false, + "resourceAppId": "00000003-0000-0000-c000-000000000000" + } + ], + "AgentIdentityBlueprintPrincipal.Create": [ + { + "id": "", + "scheme": "Application", + "environment": "PPE;public", + "isHidden": true, + "isEnabled": true, + "resourceAppId": "00000003-0000-0000-c000-000000000000" + }, + { + "id": "", + "scheme": "DelegatedWork", + "environment": "PPE;public", + "isHidden": true, + "isEnabled": true, + "resourceAppId": "00000003-0000-0000-c000-000000000000" + } + ], + "AgentIdentityBlueprintPrincipal.EnableDisable.All": [ + { + "id": "", + "scheme": "Application", + "environment": "PPE;public", + "isHidden": true, + "isEnabled": true, + "resourceAppId": "00000003-0000-0000-c000-000000000000" + }, + { + "id": "", + "scheme": "DelegatedWork", + "environment": "PPE;public", + "isHidden": true, + "isEnabled": true, + "resourceAppId": "00000003-0000-0000-c000-000000000000" + } + ], + "AgentIdentityBlueprintPrincipal.DeleteRestore.All": [ + { + "id": "", + "scheme": "Application", + "environment": "PPE;public", + "isHidden": true, + "isEnabled": true, + "resourceAppId": "00000003-0000-0000-c000-000000000000" + }, + { + "id": "", + "scheme": "DelegatedWork", + "environment": "PPE;public", + "isHidden": true, + "isEnabled": true, + "resourceAppId": "00000003-0000-0000-c000-000000000000" + } + ], "Agreement.Read.All": [ { "id": "af2819c9-df71-4dd3-ade7-4d7c9dc653b7", @@ -6108,6 +6472,42 @@ "resourceAppId": "00000002-0000-0000-c000-000000000000" } ], + "Group-OnPremisesInfo.Read.All": [ + { + "id": "f2e8c4b5-7a91-4d28-8f43-e9a5c6b7d812", + "scheme": "DelegatedWork", + "environment": "PPE;public", + "isHidden": true, + "isEnabled": true, + "resourceAppId": "00000003-0000-0000-c000-000000000000" + }, + { + "id": "a9d3f5e2-6c8b-4f71-9e42-d7b8a5c6f943", + "scheme": "Application", + "environment": "PPE;public", + "isHidden": true, + "isEnabled": true, + "resourceAppId": "00000003-0000-0000-c000-000000000000" + } + ], + "Group-OnPremisesInfo.ReadWrite.All": [ + { + "id": "e8b4c9f2-7d6a-4e3b-9f82-a5d4c8e9b216", + "scheme": "DelegatedWork", + "environment": "PPE;public", + "isHidden": true, + "isEnabled": true, + "resourceAppId": "00000003-0000-0000-c000-000000000000" + }, + { + "id": "d7f3a8e5-6c2b-4f91-8e43-b6d9c7f8a524", + "scheme": "Application", + "environment": "PPE;public", + "isHidden": true, + "isEnabled": true, + "resourceAppId": "00000003-0000-0000-c000-000000000000" + } + ], "Group-OrganizationalUnit.ReadWrite.All": [ { "id": "", @@ -6144,6 +6544,78 @@ "resourceAppId": "65d91a3d-ab74-42e6-8a2f-0add61688c74" } ], + "Group-ResourceBehavior.Read.All": [ + { + "id": "f9e2c8d4-3a7b-4e5f-8c91-d6b3a8e9c527", + "scheme": "DelegatedWork", + "environment": "PPE;public", + "isHidden": true, + "isEnabled": true, + "resourceAppId": "00000003-0000-0000-c000-000000000000" + }, + { + "id": "a7d3f8e2-6c4b-4f92-8e45-b8d9c3f7a618", + "scheme": "Application", + "environment": "PPE;public", + "isHidden": true, + "isEnabled": true, + "resourceAppId": "00000003-0000-0000-c000-000000000000" + } + ], + "Group-ResourceBehavior.ReadWrite.All": [ + { + "id": "c5b8f9e3-4d7a-4e6f-9c82-e7b4a9c6d739", + "scheme": "DelegatedWork", + "environment": "PPE;public", + "isHidden": true, + "isEnabled": true, + "resourceAppId": "00000003-0000-0000-c000-000000000000" + }, + { + "id": "b6c9f3e8-5d2a-4f73-9e84-f8c5b7d6a841", + "scheme": "Application", + "environment": "PPE;public", + "isHidden": true, + "isEnabled": true, + "resourceAppId": "00000003-0000-0000-c000-000000000000" + } + ], + "Group-ResourceProvisioning.Read.All": [ + { + "id": "d8e4f7c2-6a9b-4e3f-8c75-a9d6e4f8c952", + "scheme": "DelegatedWork", + "environment": "PPE;public", + "isHidden": true, + "isEnabled": true, + "resourceAppId": "00000003-0000-0000-c000-000000000000" + }, + { + "id": "e9f5c8d3-7b4a-4f61-9d86-c7e5f9d2a638", + "scheme": "Application", + "environment": "PPE;public", + "isHidden": true, + "isEnabled": true, + "resourceAppId": "00000003-0000-0000-c000-000000000000" + } + ], + "Group-ResourceProvisioning.ReadWrite.All": [ + { + "id": "f7c6d9e4-8a5b-4f72-8e97-d8f6c9e3b749", + "scheme": "DelegatedWork", + "environment": "PPE;public", + "isHidden": true, + "isEnabled": true, + "resourceAppId": "00000003-0000-0000-c000-000000000000" + }, + { + "id": "a8d7f4e5-9b6c-4f83-9f48-e9a7d4f6c852", + "scheme": "Application", + "environment": "PPE;public", + "isHidden": true, + "isEnabled": true, + "resourceAppId": "00000003-0000-0000-c000-000000000000" + } + ], "Group-UsageRight.Read.All": [ { "id": "194e60d3-61c6-4ca4-9906-e230b124c42c", @@ -7384,6 +7856,42 @@ "resourceAppId": "ce79fdc4-cd1d-4ea5-8139-e74d7dbe0bb7" } ], + "LifecyclePolicies-AgentId.Read.All": [ + { + "id": "3d09c9ee-9db9-4c84-85ec-f63a21b4ad2c", + "scheme": "DelegatedWork", + "environment": "public", + "isHidden": true, + "isEnabled": true, + "resourceAppId": "ce79fdc4-cd1d-4ea5-8139-e74d7dbe0bb7" + }, + { + "id": "75d9ca3df-7017-4feb-baa0-06a339b6c338", + "scheme": "Application", + "environment": "public", + "isHidden": true, + "isEnabled": true, + "resourceAppId": "ce79fdc4-cd1d-4ea5-8139-e74d7dbe0bb7" + } + ], + "LifecyclePolicies-AgentId.ReadWrite.All": [ + { + "id": "f6fdb5f4-56bf-4daf-bb35-0b5ccdf56c4c", + "scheme": "DelegatedWork", + "environment": "public", + "isHidden": true, + "isEnabled": true, + "resourceAppId": "ce79fdc4-cd1d-4ea5-8139-e74d7dbe0bb7" + }, + { + "id": "079f94bb-be92-4268-b63c-ce4fb09f4318", + "scheme": "Application", + "environment": "public", + "isHidden": true, + "isEnabled": true, + "resourceAppId": "ce79fdc4-cd1d-4ea5-8139-e74d7dbe0bb7" + } + ], "LifecycleWorkflows.Read.All": [ { "id": "9bcb9916-765a-42af-bf77-02282e26b01a", @@ -7980,6 +8488,16 @@ "resourceAppId": "" } ], + "CopilotTools.Read.All": [ + { + "id": "", + "scheme": "DelegatedWork", + "environment": "public", + "isHidden": true, + "isEnabled": false, + "resourceAppId": "ea9ffc3e-8a23-4a7d-836d-234d7c7565c1" + } + ], "MultiTenantOrganization.Read.All": [ { "id": "526aa72a-5878-49fe-bf4e-357973af9b06", @@ -10797,12 +11315,12 @@ ], "RealTimeActivityFeed.Read.All": [ { - "id": "", + "id": "db5d5bae-0c9e-444e-9390-8a5fea98c253", "scheme": "DelegatedWork", "environment": "public", - "isHidden": true, - "isEnabled": false, - "resourceAppId": "74658136-14ec-4630-ad9b-26e160ff0fc6" + "isHidden": false, + "isEnabled": true, + "resourceAppId": "26a18ebc-cdf7-4a6a-91cb-beb352805e81" }, { "id": "abafe00f-ea87-4c63-b8a8-0e7bb0a88144", @@ -10810,7 +11328,7 @@ "environment": "public", "isHidden": false, "isEnabled": true, - "resourceAppId": "" + "resourceAppId": "26a18ebc-cdf7-4a6a-91cb-beb352805e81" } ], "RecordsManagement.Read.All": [ @@ -12105,32 +12623,36 @@ ], "SecurityIdentitiesAutoConfig.Read.All": [ { + "id": "8ff90903-1ecb-4f3a-b8b2-42120374ecd6", "scheme": "DelegatedWork", "environment": "public", - "isHidden": true, + "isHidden": false, "isEnabled": true, "resourceAppId": "8ee8fdad-f234-4243-8f3b-15c294843740" }, { + "id": "58971758-9844-4fe4-9fba-7e4ce7a659bf", "scheme": "Application", "environment": "public", - "isHidden": true, + "isHidden": false, "isEnabled": true, "resourceAppId": "8ee8fdad-f234-4243-8f3b-15c294843740" } ], "SecurityIdentitiesAutoConfig.ReadWrite.All": [ { + "id": "b810fdb4-8733-43bd-9b37-fddb7215c69f", "scheme": "DelegatedWork", "environment": "public", - "isHidden": true, + "isHidden": false, "isEnabled": true, "resourceAppId": "8ee8fdad-f234-4243-8f3b-15c294843740" }, { + "id": "4f1f0deb-08d1-4ffb-8cca-21dfc362b7c0", "scheme": "Application", "environment": "public", - "isHidden": true, + "isHidden": false, "isEnabled": true, "resourceAppId": "8ee8fdad-f234-4243-8f3b-15c294843740" } @@ -12713,13 +13235,13 @@ "resourceAppId": "00000003-0000-0000-c000-000000000000" } ], - "AgentIdentity-Basic.Update.All": [ + "AgentIdentity.ReadWrite.All": [ { "id": "", "scheme": "Application", "environment": "PPE;public", "isHidden": true, - "isEnabled": true, + "isEnabled": false, "resourceAppId": "00000003-0000-0000-c000-000000000000" }, { @@ -12727,7 +13249,7 @@ "scheme": "DelegatedWork", "environment": "PPE;public", "isHidden": true, - "isEnabled": true, + "isEnabled": false, "resourceAppId": "00000003-0000-0000-c000-000000000000" } ], @@ -12820,7 +13342,7 @@ "environment": "public", "isHidden": false, "isEnabled": true, - "resourceAppId": "00000003-0000-0000-c000-00000000000" + "resourceAppId": "00000003-0000-0ff1-ce00-000000000000" }, { "id": "f5fa52a5-b9ab-4dc3-885e-9e5b4a67068e", @@ -12828,7 +13350,7 @@ "environment": "public", "isHidden": false, "isEnabled": true, - "resourceAppId": "00000003-0000-0000-c000-00000000000" + "resourceAppId": "00000003-0000-0ff1-ce00-000000000000" } ], "SharePointCrossTenantMigration.Manage.All": [ @@ -12838,7 +13360,7 @@ "environment": "public", "isHidden": false, "isEnabled": true, - "resourceAppId": "00000003-0000-0000-c000-00000000000" + "resourceAppId": "00000003-0000-0ff1-ce00-000000000000" }, { "id": "a0521574-fcd8-4742-b29c-f796df57ea70", @@ -12846,7 +13368,7 @@ "environment": "public", "isHidden": false, "isEnabled": true, - "resourceAppId": "00000003-0000-0000-c000-00000000000" + "resourceAppId": "00000003-0000-0ff1-ce00-000000000000" } ], "SharePointTenantSettings.Read.All": [ @@ -15709,28 +16231,28 @@ ], "UserAuthMethod-Email.Read": [ { - "id": "", + "id": "12b23cea-90c1-4873-9094-f45c5f290f86", "scheme": "DelegatedWork", "environment": "public", - "isHidden": true, + "isHidden": false, "isEnabled": true, "resourceAppId": "ea890292-c8c8-4433-b5ea-b09d0668e1a6" } ], "UserAuthMethod-Email.Read.All": [ { - "id": "", + "id": "76caaf3a-ebdb-40a3-9299-4196e636f290", "scheme": "DelegatedWork", "environment": "public", - "isHidden": true, + "isHidden": false, "isEnabled": true, "resourceAppId": "ea890292-c8c8-4433-b5ea-b09d0668e1a6" }, { - "id": "", + "id": "a1e58be0-1095-422b-b067-73434bd7d40f", "scheme": "Application", "environment": "public", - "isHidden": true, + "isHidden": false, "isEnabled": true, "resourceAppId": "ea890292-c8c8-4433-b5ea-b09d0668e1a6" } @@ -15747,46 +16269,46 @@ ], "UserAuthMethod-Email.ReadWrite.All": [ { - "id": "", + "id": "074f680f-c89e-45be-880e-5d0642860a1c", "scheme": "DelegatedWork", "environment": "public", - "isHidden": true, + "isHidden": false, "isEnabled": true, "resourceAppId": "ea890292-c8c8-4433-b5ea-b09d0668e1a6" }, { - "id": "", + "id": "e8ecb853-1435-4a49-95ba-ec5b31b11672", "scheme": "Application", "environment": "public", - "isHidden": true, + "isHidden": false, "isEnabled": true, "resourceAppId": "ea890292-c8c8-4433-b5ea-b09d0668e1a6" } ], "UserAuthMethod-External.Read": [ { - "id": "", + "id": "d1739827-146b-4f7f-b52c-1c509253aa57", "scheme": "DelegatedWork", "environment": "public", - "isHidden": true, + "isHidden": false, "isEnabled": true, "resourceAppId": "ea890292-c8c8-4433-b5ea-b09d0668e1a6" } ], "UserAuthMethod-External.Read.All": [ { - "id": "", + "id": "cbca9646-4c34-4cea-8e54-9a7088018820", "scheme": "DelegatedWork", "environment": "public", - "isHidden": true, + "isHidden": false, "isEnabled": true, "resourceAppId": "ea890292-c8c8-4433-b5ea-b09d0668e1a6" }, { - "id": "", + "id": "d2c4289f-9f95-40da-ad43-eeb1506f0db7", "scheme": "Application", "environment": "public", - "isHidden": true, + "isHidden": false, "isEnabled": true, "resourceAppId": "ea890292-c8c8-4433-b5ea-b09d0668e1a6" } @@ -15803,140 +16325,140 @@ ], "UserAuthMethod-External.ReadWrite.All": [ { - "id": "", + "id": "9d91805d-0f53-43e3-a0f3-303ad4f3056f", "scheme": "DelegatedWork", "environment": "public", - "isHidden": true, + "isHidden": false, "isEnabled": true, "resourceAppId": "ea890292-c8c8-4433-b5ea-b09d0668e1a6" }, { - "id": "", + "id": "c7a22c2e-5b01-4129-8159-6c8be2c78f16", "scheme": "Application", "environment": "public", - "isHidden": true, + "isHidden": false, "isEnabled": true, "resourceAppId": "ea890292-c8c8-4433-b5ea-b09d0668e1a6" } ], "UserAuthMethod-HardwareOATH.Read": [ { - "id": "", + "id": "ccd2eb40-8874-44e6-8f96-335908b3cfdb", "scheme": "DelegatedWork", "environment": "public", - "isHidden": true, + "isHidden": false, "isEnabled": true, "resourceAppId": "ea890292-c8c8-4433-b5ea-b09d0668e1a6" } ], "UserAuthMethod-HardwareOATH.Read.All": [ { - "id": "", + "id": "acd68c26-c283-4bf4-8b5c-200fc179bdd5", "scheme": "DelegatedWork", "environment": "public", - "isHidden": true, + "isHidden": false, "isEnabled": true, "resourceAppId": "ea890292-c8c8-4433-b5ea-b09d0668e1a6" }, { - "id": "", + "id": "7b544555-7811-49ff-8223-a56be870e33a", "scheme": "Application", "environment": "public", - "isHidden": true, + "isHidden": false, "isEnabled": true, "resourceAppId": "ea890292-c8c8-4433-b5ea-b09d0668e1a6" } ], "UserAuthMethod-HardwareOATH.ReadWrite": [ { - "id": "", + "id": "147ca97b-6686-4849-b37e-09d9b5ad45fc", "scheme": "DelegatedWork", "environment": "public", - "isHidden": true, + "isHidden": false, "isEnabled": true, "resourceAppId": "ea890292-c8c8-4433-b5ea-b09d0668e1a6" } ], "UserAuthMethod-HardwareOATH.ReadWrite.All": [ { - "id": "", + "id": "480643f2-a162-43c5-a670-dc1494fc911b", "scheme": "DelegatedWork", "environment": "public", - "isHidden": true, + "isHidden": false, "isEnabled": true, "resourceAppId": "ea890292-c8c8-4433-b5ea-b09d0668e1a6" }, { - "id": "", + "id": "7e9ebcc1-90aa-4471-8051-e68d6b4e9c89", "scheme": "Application", "environment": "public", - "isHidden": true, + "isHidden": false, "isEnabled": true, "resourceAppId": "ea890292-c8c8-4433-b5ea-b09d0668e1a6" } ], "UserAuthMethod-MicrosoftAuthApp.Read": [ { - "id": "", + "id": "f14a567b-3280-4124-95a0-eca86006967e", "scheme": "DelegatedWork", "environment": "public", - "isHidden": true, + "isHidden": false, "isEnabled": true, "resourceAppId": "ea890292-c8c8-4433-b5ea-b09d0668e1a6" } ], "UserAuthMethod-MicrosoftAuthApp.Read.All": [ { - "id": "", + "id": "7b627679-e2fd-4bfd-990e-989e2914d4e6", "scheme": "DelegatedWork", "environment": "public", - "isHidden": true, + "isHidden": false, "isEnabled": true, "resourceAppId": "ea890292-c8c8-4433-b5ea-b09d0668e1a6" }, { - "id": "", + "id": "a9c5f16e-e5ca-4e33-89ad-903fcfc01c23", "scheme": "Application", "environment": "public", - "isHidden": true, + "isHidden": false, "isEnabled": true, "resourceAppId": "ea890292-c8c8-4433-b5ea-b09d0668e1a6" } ], "UserAuthMethod-MicrosoftAuthApp.ReadWrite": [ { - "id": "", + "id": "9f7dfa0c-eb40-42be-8d45-8af4a9219c6f", "scheme": "DelegatedWork", "environment": "public", - "isHidden": true, + "isHidden": false, "isEnabled": true, "resourceAppId": "ea890292-c8c8-4433-b5ea-b09d0668e1a6" } ], "UserAuthMethod-MicrosoftAuthApp.ReadWrite.All": [ { - "id": "", + "id": "1b7322b2-5cb3-4f13-928f-d7ca97c5fba9", "scheme": "DelegatedWork", "environment": "public", - "isHidden": true, + "isHidden": false, "isEnabled": true, "resourceAppId": "ea890292-c8c8-4433-b5ea-b09d0668e1a6" }, { - "id": "", + "id": "c833c349-a1ab-4b6d-94a2-fa9a8674420c", "scheme": "Application", "environment": "public", - "isHidden": true, + "isHidden": false, "isEnabled": true, "resourceAppId": "ea890292-c8c8-4433-b5ea-b09d0668e1a6" } ], "UserAuthMethod-Passkey.Read": [ { - "id": "", + "id": "828fcbda-0d26-431d-8bfb-83f217224621", "scheme": "DelegatedWork", "environment": "public", - "isHidden": true, + "isHidden": false, "isEnabled": true, "resourceAppId": "ea890292-c8c8-4433-b5ea-b09d0668e1a6" } @@ -15961,10 +16483,10 @@ ], "UserAuthMethod-Passkey.ReadWrite": [ { - "id": "", + "id": "b2de7db9-10f7-4800-b04c-b5b91e4891d6", "scheme": "DelegatedWork", "environment": "public", - "isHidden": true, + "isHidden": false, "isEnabled": true, "resourceAppId": "ea890292-c8c8-4433-b5ea-b09d0668e1a6" } @@ -15989,392 +16511,392 @@ ], "UserAuthMethod-Password.Read": [ { - "id": "", + "id": "7f0f82c3-de19-4ddc-810d-a2206d7637fd", "scheme": "DelegatedWork", "environment": "public", - "isHidden": true, + "isHidden": false, "isEnabled": true, "resourceAppId": "ea890292-c8c8-4433-b5ea-b09d0668e1a6" } ], "UserAuthMethod-Password.Read.All": [ { - "id": "", + "id": "4f69a4e2-2aa0-43a7-ad6b-98b4cda1f23f", "scheme": "DelegatedWork", "environment": "public", - "isHidden": true, + "isHidden": false, "isEnabled": true, "resourceAppId": "ea890292-c8c8-4433-b5ea-b09d0668e1a6" }, { - "id": "", + "id": "8d2c17ff-b93d-40d5-9def-d843680509cb", "scheme": "Application", "environment": "public", - "isHidden": true, + "isHidden": false, "isEnabled": true, "resourceAppId": "ea890292-c8c8-4433-b5ea-b09d0668e1a6" } ], "UserAuthMethod-Password.ReadWrite": [ { - "id": "", + "id": "60cce20d-d41e-4594-b391-84bbf8cc31f3", "scheme": "DelegatedWork", "environment": "public", - "isHidden": true, + "isHidden": false, "isEnabled": true, "resourceAppId": "ea890292-c8c8-4433-b5ea-b09d0668e1a6" } ], "UserAuthMethod-Password.ReadWrite.All": [ { - "id": "", + "id": "7f5b683d-df96-4690-a88d-6e336ed6dc7c", "scheme": "DelegatedWork", "environment": "public", - "isHidden": true, + "isHidden": false, "isEnabled": true, "resourceAppId": "ea890292-c8c8-4433-b5ea-b09d0668e1a6" }, { - "id": "", + "id": "f6d38dfd-ec08-4995-8f07-23e929df0936", "scheme": "Application", "environment": "public", - "isHidden": true, + "isHidden": false, "isEnabled": true, "resourceAppId": "ea890292-c8c8-4433-b5ea-b09d0668e1a6" } ], "UserAuthMethod-Phone.Read": [ { - "id": "", + "id": "43dab3b9-e8b4-424d-8e13-6a2ad2a625fa", "scheme": "DelegatedWork", "environment": "public", - "isHidden": true, + "isHidden": false, "isEnabled": true, "resourceAppId": "ea890292-c8c8-4433-b5ea-b09d0668e1a6" } ], "UserAuthMethod-Phone.Read.All": [ { - "id": "", + "id": "20cf4ae1-09b9-4d29-a6f8-43e1820ce60c", "scheme": "DelegatedWork", "environment": "public", - "isHidden": true, + "isHidden": false, "isEnabled": true, "resourceAppId": "ea890292-c8c8-4433-b5ea-b09d0668e1a6" }, { - "id": "", + "id": "f529a223-ea70-43ec-b268-5012de2fbaa2", "scheme": "Application", "environment": "public", - "isHidden": true, + "isHidden": false, "isEnabled": true, "resourceAppId": "ea890292-c8c8-4433-b5ea-b09d0668e1a6" } ], "UserAuthMethod-Phone.ReadWrite": [ { - "id": "", + "id": "6c4aad61-f76b-46ad-a22c-57d4d3d962af", "scheme": "DelegatedWork", "environment": "public", - "isHidden": true, + "isHidden": false, "isEnabled": true, "resourceAppId": "ea890292-c8c8-4433-b5ea-b09d0668e1a6" } ], "UserAuthMethod-Phone.ReadWrite.All": [ { - "id": "", + "id": "48c99302-9a24-4f27-a8a7-acef4debba14", "scheme": "DelegatedWork", "environment": "public", - "isHidden": true, + "isHidden": false, "isEnabled": true, "resourceAppId": "ea890292-c8c8-4433-b5ea-b09d0668e1a6" }, { - "id": "", + "id": "6e85d483-7092-4375-babe-0a94a8213a58", "scheme": "Application", "environment": "public", - "isHidden": true, + "isHidden": false, "isEnabled": true, "resourceAppId": "ea890292-c8c8-4433-b5ea-b09d0668e1a6" } ], "UserAuthMethod-PlatformCred.Read": [ { - "id": "", + "id": "9c694582-e8f2-40e2-8353-fb43e2e0f12a", "scheme": "DelegatedWork", "environment": "public", - "isHidden": true, + "isHidden": false, "isEnabled": true, "resourceAppId": "ea890292-c8c8-4433-b5ea-b09d0668e1a6" } ], "UserAuthMethod-PlatformCred.Read.All": [ { - "id": "", + "id": "5936156c-f89b-4850-997d-026c4e6ce529", "scheme": "DelegatedWork", "environment": "public", - "isHidden": true, + "isHidden": false, "isEnabled": true, "resourceAppId": "ea890292-c8c8-4433-b5ea-b09d0668e1a6" }, { - "id": "", + "id": "07c0b1e4-15bd-442f-834b-30f8291388d1", "scheme": "Application", "environment": "public", - "isHidden": true, + "isHidden": false, "isEnabled": true, "resourceAppId": "ea890292-c8c8-4433-b5ea-b09d0668e1a6" } ], "UserAuthMethod-PlatformCred.ReadWrite": [ { - "id": "", + "id": "70327f81-b953-43c9-92d3-131c74e4beb8", "scheme": "DelegatedWork", "environment": "public", - "isHidden": true, + "isHidden": false, "isEnabled": true, "resourceAppId": "ea890292-c8c8-4433-b5ea-b09d0668e1a6" } ], "UserAuthMethod-PlatformCred.ReadWrite.All": [ { - "id": "", + "id": "cb11bf8c-dde1-4504-b6a5-31e1562b0749", "scheme": "DelegatedWork", "environment": "public", - "isHidden": true, + "isHidden": false, "isEnabled": true, "resourceAppId": "ea890292-c8c8-4433-b5ea-b09d0668e1a6" }, { - "id": "", + "id": "1a87acf4-a9ca-4576-a974-452ea265d5f6", "scheme": "Application", "environment": "public", - "isHidden": true, + "isHidden": false, "isEnabled": true, "resourceAppId": "ea890292-c8c8-4433-b5ea-b09d0668e1a6" } ], "UserAuthMethod-QR.Read": [ { - "id": "", + "id": "d6893c31-9187-405c-8dfc-f700c8fc161a", "scheme": "DelegatedWork", "environment": "public", - "isHidden": true, + "isHidden": false, "isEnabled": true, "resourceAppId": "ea890292-c8c8-4433-b5ea-b09d0668e1a6" } ], "UserAuthMethod-QR.Read.All": [ { - "id": "", + "id": "e4900dfb-ad17-410d-8ddb-7aebd8a6af1a", "scheme": "DelegatedWork", "environment": "public", - "isHidden": true, + "isHidden": false, "isEnabled": true, "resourceAppId": "ea890292-c8c8-4433-b5ea-b09d0668e1a6" }, { - "id": "", + "id": "9a45bc50-cddd-4ebe-bd9c-4f2eacf646ae", "scheme": "Application", "environment": "public", - "isHidden": true, + "isHidden": false, "isEnabled": true, "resourceAppId": "ea890292-c8c8-4433-b5ea-b09d0668e1a6" } ], "UserAuthMethod-QR.ReadWrite": [ { - "id": "", + "id": "651210da-18ce-4e42-b7db-302ff88e9326", "scheme": "DelegatedWork", "environment": "public", - "isHidden": true, + "isHidden": false, "isEnabled": true, "resourceAppId": "ea890292-c8c8-4433-b5ea-b09d0668e1a6" } ], "UserAuthMethod-QR.ReadWrite.All": [ { - "id": "", + "id": "db39086a-da7d-4cbd-9ac0-6816f9a80c95", "scheme": "DelegatedWork", "environment": "public", - "isHidden": true, + "isHidden": false, "isEnabled": true, "resourceAppId": "ea890292-c8c8-4433-b5ea-b09d0668e1a6" }, { - "id": "", + "id": "4869299f-18c3-40c8-98f2-222657e67db1", "scheme": "Application", "environment": "public", - "isHidden": true, + "isHidden": false, "isEnabled": true, "resourceAppId": "ea890292-c8c8-4433-b5ea-b09d0668e1a6" } ], "UserAuthMethod-SoftwareOATH.Read": [ { - "id": "", + "id": "247f2733-6e3d-46ff-a904-f5fd58eb0d97", "scheme": "DelegatedWork", "environment": "public", - "isHidden": true, + "isHidden": false, "isEnabled": true, "resourceAppId": "ea890292-c8c8-4433-b5ea-b09d0668e1a6" } ], "UserAuthMethod-SoftwareOATH.Read.All": [ { - "id": "", + "id": "3e366fa0-3097-4eb6-8294-3028f77eea6f", "scheme": "DelegatedWork", "environment": "public", - "isHidden": true, + "isHidden": false, "isEnabled": true, "resourceAppId": "ea890292-c8c8-4433-b5ea-b09d0668e1a6" }, { - "id": "", + "id": "a6b423df-a0c8-411d-a809-a4a5985d2939", "scheme": "Application", "environment": "public", - "isHidden": true, + "isHidden": false, "isEnabled": true, "resourceAppId": "ea890292-c8c8-4433-b5ea-b09d0668e1a6" } ], "UserAuthMethod-SoftwareOATH.ReadWrite": [ { - "id": "", + "id": "16721eb3-4493-4ae1-9542-264d9ffe3ce9", "scheme": "DelegatedWork", "environment": "public", - "isHidden": true, + "isHidden": false, "isEnabled": true, "resourceAppId": "ea890292-c8c8-4433-b5ea-b09d0668e1a6" } ], "UserAuthMethod-SoftwareOATH.ReadWrite.All": [ { - "id": "", + "id": "5b34c8b5-2396-4b35-b284-83fb6a3e73ce", "scheme": "DelegatedWork", "environment": "public", - "isHidden": true, + "isHidden": false, "isEnabled": true, "resourceAppId": "ea890292-c8c8-4433-b5ea-b09d0668e1a6" }, { - "id": "", + "id": "787442d4-3c6e-4e99-aa95-8ccca20a48ff", "scheme": "Application", "environment": "public", - "isHidden": true, + "isHidden": false, "isEnabled": true, "resourceAppId": "ea890292-c8c8-4433-b5ea-b09d0668e1a6" } ], "UserAuthMethod-TAP.Read": [ { - "id": "", + "id": "84ded88f-26ba-49d6-b776-efec398de692", "scheme": "DelegatedWork", "environment": "public", - "isHidden": true, + "isHidden": false, "isEnabled": true, "resourceAppId": "ea890292-c8c8-4433-b5ea-b09d0668e1a6" } ], "UserAuthMethod-TAP.Read.All": [ { - "id": "", + "id": "6976c635-c9c2-41e6-a21d-e6913a155273", "scheme": "DelegatedWork", "environment": "public", - "isHidden": true, + "isHidden": false, "isEnabled": true, "resourceAppId": "ea890292-c8c8-4433-b5ea-b09d0668e1a6" }, { - "id": "", + "id": "bf82209c-b22b-4747-ac88-a68be99032cf", "scheme": "Application", "environment": "public", - "isHidden": true, + "isHidden": false, "isEnabled": true, "resourceAppId": "ea890292-c8c8-4433-b5ea-b09d0668e1a6" } ], "UserAuthMethod-TAP.ReadWrite": [ { - "id": "", + "id": "2424436d-902f-4651-a1c7-b3b93147c960", "scheme": "DelegatedWork", "environment": "public", - "isHidden": true, + "isHidden": false, "isEnabled": true, "resourceAppId": "ea890292-c8c8-4433-b5ea-b09d0668e1a6" } ], "UserAuthMethod-TAP.ReadWrite.All": [ { - "id": "", + "id": "05de4a66-e51a-4312-842a-30c8094698d2", "scheme": "DelegatedWork", "environment": "public", - "isHidden": true, + "isHidden": false, "isEnabled": true, "resourceAppId": "ea890292-c8c8-4433-b5ea-b09d0668e1a6" }, { - "id": "", + "id": "627169a8-8c15-451c-861a-5b80e383de5c", "scheme": "Application", "environment": "public", - "isHidden": true, + "isHidden": false, "isEnabled": true, "resourceAppId": "ea890292-c8c8-4433-b5ea-b09d0668e1a6" } ], "UserAuthMethod-WindowsHello.Read": [ { - "id": "", + "id": "efe2b5aa-3a8e-486c-b0be-cc4d185c1b40", "scheme": "DelegatedWork", "environment": "public", - "isHidden": true, + "isHidden": false, "isEnabled": true, "resourceAppId": "ea890292-c8c8-4433-b5ea-b09d0668e1a6" } ], "UserAuthMethod-WindowsHello.Read.All": [ { - "id": "", + "id": "ff37d46d-b88a-4e0c-85ee-7e26c37b18eb", "scheme": "DelegatedWork", "environment": "public", - "isHidden": true, + "isHidden": false, "isEnabled": true, "resourceAppId": "ea890292-c8c8-4433-b5ea-b09d0668e1a6" }, { - "id": "", + "id": "9b8dd4c7-8cca-4ef5-a34a-9c2c75fcc934", "scheme": "Application", "environment": "public", - "isHidden": true, + "isHidden": false, "isEnabled": true, "resourceAppId": "ea890292-c8c8-4433-b5ea-b09d0668e1a6" } ], "UserAuthMethod-WindowsHello.ReadWrite": [ { - "id": "", + "id": "f11e1db9-d419-4a24-b677-792723ffd727", "scheme": "DelegatedWork", "environment": "public", - "isHidden": true, + "isHidden": false, "isEnabled": true, "resourceAppId": "ea890292-c8c8-4433-b5ea-b09d0668e1a6" } ], "UserAuthMethod-WindowsHello.ReadWrite.All": [ { - "id": "", + "id": "13eae17d-aaa4-47b8-aaee-0eb33c6e2450", "scheme": "DelegatedWork", "environment": "public", - "isHidden": true, + "isHidden": false, "isEnabled": true, "resourceAppId": "ea890292-c8c8-4433-b5ea-b09d0668e1a6" }, { - "id": "", + "id": "f14eee8a-713e-45aa-8223-2ab74632db1a", "scheme": "Application", "environment": "public", - "isHidden": true, + "isHidden": false, "isEnabled": true, "resourceAppId": "ea890292-c8c8-4433-b5ea-b09d0668e1a6" } @@ -16927,6 +17449,24 @@ "resourceAppId": "7c99d979-3b9c-4342-97dd-3239678fb300" } ], + "ContentUpload.User": [ + { + "id": "404c4b01-5b8c-43fb-ac89-1af17dd02744", + "scheme": "Application", + "environment": "public", + "isHidden": true, + "isEnabled": true, + "resourceAppId": "7c99d979-3b9c-4342-97dd-3239678fb300" + }, + { + "id": "cfbe9ff6-c6f8-4f92-bf2e-3809ee891bf1", + "scheme": "DelegatedWork", + "environment": "public", + "isHidden": true, + "isEnabled": true, + "resourceAppId": "7c99d979-3b9c-4342-97dd-3239678fb300" + } + ], "Content.Process.All": [ { "id": "5ad511bf-571c-4ef6-8c3c-85b94b85df98", @@ -17006,7 +17546,7 @@ "id": "604b2056-41ed-4c56-aad5-1241d4ef7333", "scheme": "DelegatedWork", "environment": "public", - "isHidden": true, + "isHidden": false, "isEnabled": true, "resourceAppId": "ea890292-c8c8-4433-b5ea-b09d0668e1a6" }, @@ -17014,7 +17554,7 @@ "id": "e227c591-dd64-4a8a-a033-816167f7c938", "scheme": "Application", "environment": "public", - "isHidden": true, + "isHidden": false, "isEnabled": true, "resourceAppId": "ea890292-c8c8-4433-b5ea-b09d0668e1a6" } @@ -17024,7 +17564,7 @@ "id": "e4a9cb5e-4767-48f8-9029-decf26a54456", "scheme": "DelegatedWork", "environment": "public", - "isHidden": true, + "isHidden": false, "isEnabled": true, "resourceAppId": "ea890292-c8c8-4433-b5ea-b09d0668e1a6" }