diff --git a/permissions/new/permissions.json b/permissions/new/permissions.json index af5993b6..df58c4fc 100644 --- a/permissions/new/permissions.json +++ b/permissions/new/permissions.json @@ -13783,7 +13783,7 @@ "userDisplayName": "View your list of devices", "userDescription": "Allows the app to see your list of devices.", "requiresAdminConsent": false, - "privilegeLevel": 2 + "privilegeLevel": 1 }, "DelegatedPersonal": { "adminDisplayName": "Read user devices", @@ -13791,7 +13791,7 @@ "userDisplayName": "View your list of devices", "userDescription": "Allows the app to see your list of devices.", "requiresAdminConsent": false, - "privilegeLevel": 2 + "privilegeLevel": 1 } }, "pathSets": [ @@ -13809,7 +13809,7 @@ } ], "ownerInfo": { - "ownerSecurityGroup": "afsadmins" + "ownerSecurityGroup": "adrsmsgraph" } }, "Device.Read.All": { @@ -13821,7 +13821,7 @@ "userDisplayName": "Read all devices", "userDescription": "Allows the app to read devices' configuration information on your behalf.", "requiresAdminConsent": true, - "privilegeLevel": 3 + "privilegeLevel": 2 }, "DelegatedPersonal": { "adminDisplayName": "Read all devices", @@ -13829,13 +13829,13 @@ "userDisplayName": "Read all devices", "userDescription": "Allows the app to read devices' configuration information on your behalf.", "requiresAdminConsent": true, - "privilegeLevel": 3 + "privilegeLevel": 2 }, "Application": { "adminDisplayName": "Read all devices", "adminDescription": "Allows the app to read your organization's devices' configuration information without a signed-in user.", "requiresAdminConsent": true, - "privilegeLevel": 4 + "privilegeLevel": 3 } }, "pathSets": [ @@ -13915,7 +13915,7 @@ } ], "ownerInfo": { - "ownerSecurityGroup": "devicesapprovers" + "ownerSecurityGroup": "adrsmsgraph" } }, "Device.ReadWrite.All": { @@ -13925,7 +13925,7 @@ "adminDisplayName": "Read and write devices", "adminDescription": "Allows the app to read and write all device properties without a signed in user. Does not allow device creation, device deletion or update of device alternative security identifiers.", "requiresAdminConsent": true, - "privilegeLevel": 4 + "privilegeLevel": 3 } }, "pathSets": [ @@ -14047,7 +14047,7 @@ } ], "ownerInfo": { - "ownerSecurityGroup": "IdentityReq" + "ownerSecurityGroup": "adrsmsgraph" } }, "DeviceLocalCredential.Read.All": { @@ -27714,6 +27714,55 @@ "ownerSecurityGroup": "AADGroupsPreAuth" } }, + "Group.ManageProtection.All": { + "authorizationType": "oAuth2", + "schemes": { + "DelegatedWork": { + "adminDisplayName": "Manage the Microsoft Information Protection (MIP) label for M365 and security groups.", + "adminDescription": "Allows the app to list groups, and to read their basic properties and manage the MIP label for all label enabled groups on behalf of the signed-in user. ", + "userDisplayName": "Manage group label.", + "userDescription": "Allows the app to list groups, to read their properties, and manage the MIP label on your behalf.", + "requiresAdminConsent": true, + "privilegeLevel": 3 + }, + "Application": { + "adminDisplayName": "Manage the Microsoft Information Protection (MIP) label for M365 and security groups.", + "adminDescription": "Allows the app to list groups, and to read their basic properties and manage the MIP label for all label enabled groups without a signed-in user.", + "requiresAdminConsent": true, + "privilegeLevel": 4 + } + }, + "pathSets": [ + { + "schemeKeys": [ + "DelegatedWork", + "Application" + ], + "methods": [ + "GET" + ], + "paths": { + "/groups": "", + "/groups/{id}": "" + } + }, + { + "schemeKeys": [ + "DelegatedWork", + "Application" + ], + "methods": [ + "PATCH" + ], + "paths": { + "/groups/{id}": "" + } + } + ], + "ownerInfo": { + "ownerSecurityGroup": "AADGroupsPreAuth" + } + }, "Group.Read.All": { "authorizationType": "oAuth2", "schemes": { @@ -53889,7 +53938,7 @@ "DELETE" ], "paths": { - "/users/{user-id | user-principal-name}/chats/{chat-id}/targetedMessages/{message-id}": "least=DelegatedWork" + "/users/{id}/chats/{id}/targetedMessages/{id}": "least=DelegatedWork" } }, { @@ -53900,7 +53949,7 @@ "POST" ], "paths": { - "/users/{user-id | user-principal-name}/teamwork/deleteTargetedMessage": "least=DelegatedWork" + "/users/{id}/teamwork/deleteTargetedMessage": "least=DelegatedWork" } } ], diff --git a/permissions/new/provisioningInfo.json b/permissions/new/provisioningInfo.json index a8e72360..5bc47147 100644 --- a/permissions/new/provisioningInfo.json +++ b/permissions/new/provisioningInfo.json @@ -3814,6 +3814,42 @@ "resourceAppId": "" } ], + "CrossTenantRoleAssignment.Create": [ + { + "id": "", + "scheme": "Application", + "environment": "public", + "isHidden": true, + "isEnabled": true, + "resourceAppId": "00000002-0000-0000-c000-000000000000" + }, + { + "id": "", + "scheme": "DelegatedWork", + "environment": "public", + "isHidden": true, + "isEnabled": true, + "resourceAppId": "00000002-0000-0000-c000-000000000000" + } + ], + "CrossTenantRoleAssignment.Delete": [ + { + "id": "", + "scheme": "Application", + "environment": "public", + "isHidden": true, + "isEnabled": true, + "resourceAppId": "00000002-0000-0000-c000-000000000000" + }, + { + "id": "", + "scheme": "DelegatedWork", + "environment": "public", + "isHidden": true, + "isEnabled": true, + "resourceAppId": "00000002-0000-0000-c000-000000000000" + } + ], "CrossTenantUserProfileSharing.Read": [ { "id": "cb1ba48f-d22b-4325-a07f-74135a62ee41", @@ -4621,7 +4657,25 @@ "environment": "public", "isHidden": true, "isEnabled": true, - "resourceAppId": "" + "resourceAppId": "01cb2876-7ebd-4aa4-9cc9-d28bd4d359a9" + } + ], + "Device.DisableAccount.All": [ + { + "id": "321cb472-c68b-485c-bb46-3a817eaef927", + "scheme": "DelegatedWork", + "environment": "public", + "isHidden": true, + "isEnabled": true, + "resourceAppId": "01cb2876-7ebd-4aa4-9cc9-d28bd4d359a9" + }, + { + "id": "f1ca1df2-90bb-4733-94c0-b96d094f918a", + "scheme": "Application", + "environment": "public", + "isHidden": true, + "isEnabled": true, + "resourceAppId": "01cb2876-7ebd-4aa4-9cc9-d28bd4d359a9" } ], "Device.EnableDisableAccount.All": [ @@ -4631,7 +4685,7 @@ "environment": "public", "isHidden": true, "isEnabled": true, - "resourceAppId": "" + "resourceAppId": "01cb2876-7ebd-4aa4-9cc9-d28bd4d359a9" }, { "id": "73b12cfb-f4a6-47f6-b7a0-10f514d668ad", @@ -4639,7 +4693,7 @@ "environment": "public", "isHidden": true, "isEnabled": true, - "resourceAppId": "" + "resourceAppId": "01cb2876-7ebd-4aa4-9cc9-d28bd4d359a9" } ], "Device.ProvisionForVDI": [ @@ -6825,7 +6879,7 @@ "id": "36263ed6-285e-4f84-b25a-62ec2ba17d29", "scheme": "DelegatedWork", "environment": "public", - "isHidden": true, + "isHidden": false, "isEnabled": true, "resourceAppId": "00000002-0000-0000-c000-000000000000" }, @@ -6833,7 +6887,7 @@ "id": "60f8cea0-2476-45c9-ab18-70e79e60ad14", "scheme": "Application", "environment": "public", - "isHidden": true, + "isHidden": false, "isEnabled": true, "resourceAppId": "00000002-0000-0000-c000-000000000000" } @@ -7146,6 +7200,78 @@ "resourceAppId": "" } ], + "IdentityDiagnostic.Read": [ + { + "id": "f5b84bd9-6ffb-41bf-a2d2-644bcb35a835", + "scheme": "DelegatedWork", + "environment": "PPE;public", + "isHidden": true, + "isEnabled": true, + "resourceAppId": "a57aca87-cbc0-4f3c-8b9e-dc095fdc8978" + }, + { + "id": "7d41d790-4257-4307-8643-9a6da6750b69", + "scheme": "DelegatedPersonal", + "environment": "PPE;public", + "isHidden": true, + "isEnabled": true, + "resourceAppId": "a57aca87-cbc0-4f3c-8b9e-dc095fdc8978" + } + ], + "IdentityDiagnostic.Read.All": [ + { + "id": "ba48ac7b-52a2-40f3-9003-acc2ef9f76f7", + "scheme": "DelegatedWork", + "environment": "PPE;public", + "isHidden": true, + "isEnabled": true, + "resourceAppId": "a57aca87-cbc0-4f3c-8b9e-dc095fdc8978" + }, + { + "id": "50665eca-92bc-491e-ac38-6135593a721b", + "scheme": "Application", + "environment": "PPE;public", + "isHidden": true, + "isEnabled": true, + "resourceAppId": "a57aca87-cbc0-4f3c-8b9e-dc095fdc8978" + } + ], + "IdentityDiagnostic.StartDiagnosis": [ + { + "id": "001f3e87-728f-4372-b285-000198ae3b91", + "scheme": "DelegatedWork", + "environment": "PPE;public", + "isHidden": true, + "isEnabled": true, + "resourceAppId": "a57aca87-cbc0-4f3c-8b9e-dc095fdc8978" + }, + { + "id": "cae54ae3-5d80-4001-940b-913bcf35c538", + "scheme": "DelegatedPersonal", + "environment": "PPE;public", + "isHidden": true, + "isEnabled": true, + "resourceAppId": "a57aca87-cbc0-4f3c-8b9e-dc095fdc8978" + } + ], + "IdentityDiagnostic.StartDiagnosis.All": [ + { + "id": "0fa62088-c970-47a9-8863-f7f87b94eef6", + "scheme": "DelegatedWork", + "environment": "PPE;public", + "isHidden": true, + "isEnabled": true, + "resourceAppId": "a57aca87-cbc0-4f3c-8b9e-dc095fdc8978" + }, + { + "id": "3bc0526d-f5d7-435b-b12b-93f8d4495b77", + "scheme": "Application", + "environment": "PPE;public", + "isHidden": true, + "isEnabled": true, + "resourceAppId": "a57aca87-cbc0-4f3c-8b9e-dc095fdc8978" + } + ], "IdentityRiskEvent.Read.All": [ { "id": "8f6a01e7-0391-4ee5-aa22-a3af122cef27", @@ -8628,6 +8754,34 @@ "resourceAppId": "" } ], + "MailTips.ReadBasic.All": [ + { + "id": "", + "scheme": "Application", + "environment": "", + "isHidden": true, + "isEnabled": true, + "resourceAppId": "00000002-0000-0ff1-ce00-000000000000" + } + ], + "MailTips.ReadBasic.Shared": [ + { + "id": "", + "scheme": "DelegatedWork", + "environment": "", + "isHidden": true, + "isEnabled": true, + "resourceAppId": "00000002-0000-0ff1-ce00-000000000000" + }, + { + "id": "", + "scheme": "DelegatedPersonal", + "environment": "public", + "isHidden": true, + "isEnabled": true, + "resourceAppId": "00000002-0000-0ff1-ce00-000000000000" + } + ], "ManagedIdentity.Create": [ { "id": "d419de8c-f1db-4863-8142-8092157a73ab",