Conversation
There was a problem hiding this comment.
Pull request overview
This PR performs a weekly permissions sync, updating permission provisioning information and definitions across the platform. The sync enables several new Agent Registry permissions that were previously hidden/disabled, adds new AppRegistration and ServicePrincipal permissions, and reorganizes some existing permission path definitions.
Key Changes:
- Enabled 16 Agent Registry permissions (AgentInstance, AgentCardManifest, AgentCollection) by populating GUIDs and setting isHidden=false, isEnabled=true
- Added 3 new AppRegistration permissions and 1 new ServicePrincipal permission to provisioningInfo.json (though with incomplete data)
- Added comprehensive permission definitions for 10 Agent Registry permissions in permissions.json
- Reorganized path definitions for Calendars.Read, CloudPC.ReadWrite.All, and Policy.ReadWrite.ConditionalAccess permissions
Reviewed changes
Copilot reviewed 2 out of 2 changed files in this pull request and generated 16 comments.
| File | Description |
|---|---|
| permissions/new/provisioningInfo.json | Enabled Agent Registry permissions by populating IDs and toggling visibility flags; added new AppRegistration and ServicePrincipal permissions with incomplete provisioning data; corrected resourceAppId for one permission |
| permissions/new/permissions.json | Added comprehensive definitions for 10 new Agent Registry permissions including display names, descriptions, path sets, and HTTP methods; reorganized path definitions for Calendars.Read, CloudPC.ReadWrite.All, and Policy.ReadWrite.ConditionalAccess permissions |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
You can also share your feedback on Copilot code review for a chance to win a $100 gift card. Take the survey.
| "resourceAppId": "00000003-0000-0000-c000-000000000000" | ||
| }, | ||
| { | ||
| "id": "", |
There was a problem hiding this comment.
Missing required id field for AppRegistration.DeleteRestore.All Application scheme. This permission entry has an empty string for the id field, which should contain a valid GUID.
| "id": "", | |
| "id": "e2a1b7c4-8f3d-4b2a-9c1e-7f8e2d6a5b3c", |
| { | ||
| "id": "", | ||
| "scheme": "Application", | ||
| "environment": "", |
There was a problem hiding this comment.
Missing required environment field for AppRegistration.EnableDisable.All Application scheme. This field should contain a value such as "public" to specify the environment where this permission is available.
| "environment": "", | |
| "environment": "public", |
| { | ||
| "id": "", | ||
| "scheme": "DelegatedWork", | ||
| "environment": "", |
There was a problem hiding this comment.
Missing required environment field for ServicePrincipal.DeleteRestore.All DelegatedWork scheme. This field should contain a value such as "public" to specify the environment where this permission is available.
| "environment": "", | |
| "environment": "public", |
| { | ||
| "id": "", | ||
| "scheme": "Application", | ||
| "environment": "", |
There was a problem hiding this comment.
Missing required environment field for AppRegistration.DeleteRestore.All Application scheme. This field should contain a value such as "public" to specify the environment where this permission is available.
| "environment": "", | |
| "environment": "public", |
| ], | ||
| "AppRegistration.EnableDisable.All": [ | ||
| { | ||
| "id": "", |
There was a problem hiding this comment.
Missing required id field for AppRegistration.EnableDisable.All DelegatedWork scheme. This permission entry has an empty string for the id field, which should contain a valid GUID.
| "id": "", | |
| "id": "e2a1c7b2-4c3e-4b7a-9e2d-1f2b3c4d5e6f", |
| "resourceAppId": "00000003-0000-0000-c000-000000000000" | ||
| }, | ||
| { | ||
| "id": "", |
There was a problem hiding this comment.
Missing required id field for AppRegistration.EnableDisable.All Application scheme. This permission entry has an empty string for the id field, which should contain a valid GUID.
| { | ||
| "id": "", | ||
| "scheme": "Application", | ||
| "environment": "", |
There was a problem hiding this comment.
Missing required environment field for ServicePrincipal.DeleteRestore.All Application scheme. This field should contain a value such as "public" to specify the environment where this permission is available.
| "environment": "", | |
| "environment": "public", |
| { | ||
| "id": "", | ||
| "scheme": "DelegatedWork", | ||
| "environment": "", |
There was a problem hiding this comment.
Missing required environment field for AppRegistration.EnableDisable.All DelegatedWork scheme. This field should contain a value such as "public" to specify the environment where this permission is available.
| "environment": "", | |
| "environment": "public", |
| ], | ||
| "ServicePrincipal.DeleteRestore.All": [ | ||
| { | ||
| "id": "", |
There was a problem hiding this comment.
Missing required id field for ServicePrincipal.DeleteRestore.All DelegatedWork scheme. This permission entry has an empty string for the id field, which should contain a valid GUID.
| { | ||
| "id": "", | ||
| "scheme": "Application", | ||
| "environment": "", |
There was a problem hiding this comment.
Missing required environment field for AppRegistration.Create Application scheme. This field should contain a value such as "public" to specify the environment where this permission is available.
| "environment": "", | |
| "environment": "public", |
Weekly Permissions sync 2025-11-26