From 095864f48c5e67ae63304c738db103098d27db9d Mon Sep 17 00:00:00 2001 From: David <1511024+marabooy@users.noreply.github.com> Date: Tue, 31 Mar 2026 03:30:28 +0300 Subject: [PATCH 1/2] Weekly Permissions sync 2026-03-31 --- permissions/new/permissions.json | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/permissions/new/permissions.json b/permissions/new/permissions.json index 95ad6e47..1b00b13b 100644 --- a/permissions/new/permissions.json +++ b/permissions/new/permissions.json @@ -12471,8 +12471,10 @@ "POST" ], "paths": { + "/me/dataSecurityAndGovernance/contentUploadSession": "", "/me/dataSecurityAndGovernance/processContent": "", "/security/dataSecurityAndGovernance/processContentAsync": "least=Application,DelegatedWork", + "/users/{userId}/dataSecurityAndGovernance/contentUploadSession": "", "/users/{userId}/dataSecurityAndGovernance/processContent": "" } } @@ -12509,7 +12511,9 @@ "POST" ], "paths": { + "/me/dataSecurityAndGovernance/contentUploadSession": "", "/me/dataSecurityAndGovernance/processContent": "least=Application,DelegatedWork", + "/users/{userId}/dataSecurityAndGovernance/contentUploadSession": "", "/users/{userId}/dataSecurityAndGovernance/processContent": "least=Application,DelegatedWork" } } From 486a83d70d58e2c25c31d27fc0cc1413bf0399af Mon Sep 17 00:00:00 2001 From: David <1511024+marabooy@users.noreply.github.com> Date: Tue, 31 Mar 2026 23:32:32 +0300 Subject: [PATCH 2/2] Weekly Permissions sync 2026-03-31 --- permissions/new/permissions.json | 194 ++++++++++++++++---------- permissions/new/provisioningInfo.json | 96 ++++++++----- 2 files changed, 188 insertions(+), 102 deletions(-) diff --git a/permissions/new/permissions.json b/permissions/new/permissions.json index 1b00b13b..af51af34 100644 --- a/permissions/new/permissions.json +++ b/permissions/new/permissions.json @@ -3491,8 +3491,8 @@ "privilegeLevel": 3 }, "Application": { - "adminDisplayName": "", - "adminDescription": "", + "adminDisplayName": "Read the trusted certificate authority configuration for applications", + "adminDescription": "Allows the app to read the trusted certificate authority configuration which can be used to restrict application certificates based on their issuing authority, without a signed-in user.", "requiresAdminConsent": true, "privilegeLevel": 4 } @@ -3504,50 +3504,12 @@ "Application" ], "methods": [ - "PATCH" - ], - "paths": { - "/certificateauthoritypath/certificatebasedapplicationconfigurations/{id}": "least=DelegatedWork,Application" - } - }, - { - "schemeKeys": [ - "DelegatedWork", - "Application" - ], - "methods": [ - "GET", - "POST" - ], - "paths": { - "/directory/certificateauthorities/certificatebasedapplicationconfigurations": "least=DelegatedWork,Application", - "/directory/certificateauthorities/certificatebasedapplicationconfigurations/{id}/trustedcertificateauthorities": "least=DelegatedWork,Application" - } - }, - { - "schemeKeys": [ - "DelegatedWork", - "Application" - ], - "methods": [ - "DELETE", "GET" ], "paths": { - "/directory/certificateauthorities/certificatebasedapplicationconfigurations/{id}": "least=DelegatedWork,Application" - } - }, - { - "schemeKeys": [ - "DelegatedWork", - "Application" - ], - "methods": [ - "DELETE", - "GET", - "PATCH" - ], - "paths": { + "/directory/certificateauthorities/certificatebasedapplicationconfigurations": "least=DelegatedWork,Application", + "/directory/certificateauthorities/certificatebasedapplicationconfigurations/{id}": "least=DelegatedWork,Application", + "/directory/certificateauthorities/certificatebasedapplicationconfigurations/{id}/trustedcertificateauthorities": "least=DelegatedWork,Application", "/directory/certificateauthorities/certificatebasedapplicationconfigurations/{id}/trustedcertificateauthorities/{id}": "least=DelegatedWork,Application" } } @@ -3568,8 +3530,8 @@ "privilegeLevel": 3 }, "Application": { - "adminDisplayName": "", - "adminDescription": "", + "adminDisplayName": "Read and write the trusted certificate authority configuration for applications", + "adminDescription": "Allows the app to create, read, update and delete the trusted certificate authority configuration which can be used to restrict application certificates based on their issuing authority, without a signed-in user.", "requiresAdminConsent": true, "privilegeLevel": 4 } @@ -3581,24 +3543,13 @@ "Application" ], "methods": [ - "PATCH" - ], - "paths": { - "/certificateauthoritypath/certificatebasedapplicationconfigurations/{id}": "" - } - }, - { - "schemeKeys": [ - "DelegatedWork", - "Application" - ], - "methods": [ - "GET", - "POST" + "GET" ], "paths": { "/directory/certificateauthorities/certificatebasedapplicationconfigurations": "", - "/directory/certificateauthorities/certificatebasedapplicationconfigurations/{id}/trustedcertificateauthorities": "" + "/directory/certificateauthorities/certificatebasedapplicationconfigurations/{id}": "", + "/directory/certificateauthorities/certificatebasedapplicationconfigurations/{id}/trustedcertificateauthorities": "", + "/directory/certificateauthorities/certificatebasedapplicationconfigurations/{id}/trustedcertificateauthorities/{id}": "" } }, { @@ -3607,11 +3558,11 @@ "Application" ], "methods": [ - "DELETE", - "GET" + "POST" ], "paths": { - "/directory/certificateauthorities/certificatebasedapplicationconfigurations/{id}": "" + "/directory/certificateauthorities/certificatebasedapplicationconfigurations": "least=DelegatedWork,Application", + "/directory/certificateauthorities/certificatebasedapplicationconfigurations/{id}/trustedcertificateauthorities": "least=DelegatedWork,Application" } }, { @@ -3621,11 +3572,11 @@ ], "methods": [ "DELETE", - "GET", "PATCH" ], "paths": { - "/directory/certificateauthorities/certificatebasedapplicationconfigurations/{id}/trustedcertificateauthorities/{id}": "" + "/directory/certificateauthorities/certificatebasedapplicationconfigurations/{id}": "least=DelegatedWork,Application", + "/directory/certificateauthorities/certificatebasedapplicationconfigurations/{id}/trustedcertificateauthorities/{id}": "least=DelegatedWork,Application" } } ], @@ -5098,11 +5049,11 @@ "/reports/conditionalaccess/protectedapps": "least=DelegatedWork,Application", "/reports/conditionalaccess/securityalerts": "least=DelegatedWork,Application", "/reports/conditionalaccess/unprotectedapps": "least=DelegatedWork,Application", + "/reports/correlations": "", + "/reports/correlations/{id}": "", + "/reports/correlations/{id}/identities": "", + "/reports/correlations/{id}/identities/{id}": "", "/reports/getAppManagementAuditSummary": "least=DelegatedWork,Application", - "/reports/identityCorrelation": "least=DelegatedWork,Application", - "/reports/identityCorrelation/{id}": "least=DelegatedWork,Application", - "/reports/identityCorrelation/{id}/identities": "least=DelegatedWork,Application", - "/reports/identityCorrelation/{id}/identities/{id}": "least=DelegatedWork,Application", "/reports/reconciliations/provisioning": "least=DelegatedWork,Application", "/reports/reconciliations/provisioning/{id}": "least=DelegatedWork,Application", "/reports/reconciliations/provisioning/{id}/identities": "least=DelegatedWork,Application", @@ -23099,6 +23050,105 @@ "ownerSecurityGroup": "igaelmlivesite" } }, + "EntraBackup.Read.All": { + "authorizationType": "oAuth2", + "schemes": { + "DelegatedWork": { + "adminDisplayName": "Read Preview jobs and snapshots", + "adminDescription": "Allows the app to list the all the snapshots, jobs and enumerate the changes of a specific preview job, on behalf of the signed-in user.", + "userDisplayName": "Read Preview jobs and snapshots", + "userDescription": "Allows the app to list the all the snapshots, jobs and enumerate the changes of a specific preview job, on your behalf.", + "requiresAdminConsent": true, + "privilegeLevel": 4 + }, + "Application": { + "adminDisplayName": "Read Preview jobs and snapshots", + "adminDescription": "Allows the app to list the all the snapshots, jobs and enumerate the changes of a specific preview job, on behalf of the signed-in user.", + "userDisplayName": "Read Preview jobs and snapshots", + "userDescription": "Allows the app to list the all the snapshots, jobs and enumerate the changes of a specific preview job, on your behalf.", + "requiresAdminConsent": true, + "privilegeLevel": 4 + } + }, + "pathSets": [ + { + "schemeKeys": [ + "DelegatedWork", + "Application" + ], + "methods": [ + "GET" + ], + "paths": { + "/directory/recovery/snapshots": "least=Application,DelegatedWork", + "/directory/recovery/snapshots/{id}": "least=Application,DelegatedWork", + "/directory/recovery/snapshots/{id}/recoveryJobs/{id}/getFailedChanges": "least=Application,DelegatedWork", + "/directory/recovery/snapshots/{id}/recoveryPreviewJobs/{id}/getChanges": "least=Application,DelegatedWork" + } + } + ], + "ownerInfo": { + "ownerSecurityGroup": "xtenantex" + } + }, + "EntraBackup.ReadWrite.Preview": { + "authorizationType": "oAuth2", + "schemes": { + "DelegatedWork": { + "adminDisplayName": "Create a preview job, read preview job and snapshots", + "adminDescription": "Allows the app to list the all the snapshots, create a preview job and enumerate the changes of a specific preview job, on behalf of the signed-in user.", + "userDisplayName": "Create a preview job, read preview job and snapshots", + "userDescription": "Allows the app to list the all the snapshots, create a preview job and enumerate the changes of a specific preview job, on your behalf.", + "requiresAdminConsent": true, + "privilegeLevel": 4 + } + }, + "pathSets": [ + { + "schemeKeys": [ + "DelegatedWork" + ], + "methods": [ + "POST" + ], + "paths": { + "/directory/recovery/snapshots/{id}/recoveryPreviewJobs": "least=DelegatedWork" + } + } + ], + "ownerInfo": { + "ownerSecurityGroup": "xtenantex" + } + }, + "EntraBackup.ReadWrite.Recovery": { + "authorizationType": "oAuth2", + "schemes": { + "DelegatedWork": { + "adminDisplayName": "Create preview and recovery job, read recovery job and snapshots", + "adminDescription": "Allows the app to list the all the snapshots, create a recovery job and enumerate the changes of a specific recovery job, on behalf of the signed-in user.", + "userDisplayName": "Create preview and recovery job, read recovery job and snapshots", + "userDescription": "Allows the app to list the all the snapshots, create a recovery job and enumerate the changes of a specific recovery job, on your behalf.", + "requiresAdminConsent": true, + "privilegeLevel": 4 + } + }, + "pathSets": [ + { + "schemeKeys": [ + "DelegatedWork" + ], + "methods": [ + "POST" + ], + "paths": { + "/directory/recovery/snapshots/{id}/recoveryJobs": "least=DelegatedWork" + } + } + ], + "ownerInfo": { + "ownerSecurityGroup": "xtenantex" + } + }, "EventListener.Read.All": { "authorizationType": "oAuth2", "schemes": { @@ -42074,7 +42124,11 @@ "GET" ], "paths": { - "/auditlogs/provisioning": "least=DelegatedWork" + "/auditlogs/provisioning": "least=DelegatedWork", + "/reports/correlations": "least=DelegatedWork", + "/reports/correlations/{id}": "least=DelegatedWork", + "/reports/correlations/{id}/identities": "least=DelegatedWork", + "/reports/correlations/{id}/identities/{id}": "least=DelegatedWork" } } ], diff --git a/permissions/new/provisioningInfo.json b/permissions/new/provisioningInfo.json index 72738651..c40af9b0 100644 --- a/permissions/new/provisioningInfo.json +++ b/permissions/new/provisioningInfo.json @@ -917,7 +917,7 @@ "id": "f0d7f93b-6fce-4221-a197-ace5848da396", "scheme": "Application", "environment": "public", - "isHidden": true, + "isHidden": false, "isEnabled": true, "resourceAppId": "" }, @@ -935,7 +935,7 @@ "id": "e508b0bc-7b1a-4b59-8646-d12066f4a72f", "scheme": "Application", "environment": "public", - "isHidden": true, + "isHidden": false, "isEnabled": true, "resourceAppId": "" }, @@ -6191,7 +6191,7 @@ "id": "c16f30f0-3121-4976-bafe-66cb042f4f80", "scheme": "Application", "environment": "public", - "isHidden": true, + "isHidden": false, "isEnabled": true, "resourceAppId": "a50f0d49-6f8f-4402-829c-8a911168e575" }, @@ -6199,7 +6199,7 @@ "id": "e3dbb094-f3f9-4625-bf6a-32e96856f34c", "scheme": "DelegatedWork", "environment": "public", - "isHidden": true, + "isHidden": false, "isEnabled": true, "resourceAppId": "a50f0d49-6f8f-4402-829c-8a911168e575" } @@ -6209,7 +6209,7 @@ "id": "1266f280-49c3-4d32-91a5-bf4db4fbff48", "scheme": "DelegatedWork", "environment": "public", - "isHidden": true, + "isHidden": false, "isEnabled": true, "resourceAppId": "a50f0d49-6f8f-4402-829c-8a911168e575" } @@ -6219,19 +6219,19 @@ "id": "6daf3aaf-bb77-4397-9dd6-e6d8b75727c2", "scheme": "DelegatedWork", "environment": "public", - "isHidden": true, + "isHidden": false, "isEnabled": true, "resourceAppId": "a50f0d49-6f8f-4402-829c-8a911168e575" } ], - "EntraGalleryIntegrationRequest.ReadData.All": [ + "AppGalleryIntegrationRequest.ReadData.All": [ { "id": "0664bd48-3c66-4183-90f8-8b3194da5252", "scheme": "DelegatedWork", "environment": "public", "isHidden": true, "isEnabled": true, - "resourceAppId": "c7441e5a-180f-453a-bc4e-126159ca0174" + "resourceAppId": "eb2ecbe8-b7cf-40c0-9243-65d6a58bf472" }, { "id": "435aa171-b61a-45af-9b95-610e266c391d", @@ -6239,17 +6239,17 @@ "environment": "public", "isHidden": true, "isEnabled": true, - "resourceAppId": "c7441e5a-180f-453a-bc4e-126159ca0174" + "resourceAppId": "eb2ecbe8-b7cf-40c0-9243-65d6a58bf472" } ], - "EntraGalleryIntegrationRequest.ReadWrite": [ + "AppGalleryIntegrationRequest.ReadWrite": [ { "id": "b6799afc-c951-44b4-aeab-d4d0efe35597", "scheme": "DelegatedWork", "environment": "public", "isHidden": true, "isEnabled": true, - "resourceAppId": "c7441e5a-180f-453a-bc4e-126159ca0174" + "resourceAppId": "eb2ecbe8-b7cf-40c0-9243-65d6a58bf472" }, { "id": "13ec5196-695d-4d79-baea-7b536f77458c", @@ -6257,27 +6257,27 @@ "environment": "public", "isHidden": true, "isEnabled": true, - "resourceAppId": "c7441e5a-180f-453a-bc4e-126159ca0174" + "resourceAppId": "eb2ecbe8-b7cf-40c0-9243-65d6a58bf472" } ], - "EntraGalleryIntegrationRequest.Submit": [ + "AppGalleryIntegrationRequest.Submit": [ { "id": "5ef2c1ef-16d8-4bfe-927b-a9d6afc22939", "scheme": "DelegatedWork", "environment": "public", "isHidden": true, "isEnabled": true, - "resourceAppId": "c7441e5a-180f-453a-bc4e-126159ca0174" + "resourceAppId": "eb2ecbe8-b7cf-40c0-9243-65d6a58bf472" } ], - "EntraGalleryIntegrationRequest.ReadArtifact.All": [ + "AppGalleryIntegrationRequest.ReadArtifact.All": [ { "id": "540a56fa-a7c8-4dc7-8a8e-f10e19cfad5f", "scheme": "DelegatedWork", "environment": "public", "isHidden": true, "isEnabled": true, - "resourceAppId": "c7441e5a-180f-453a-bc4e-126159ca0174" + "resourceAppId": "eb2ecbe8-b7cf-40c0-9243-65d6a58bf472" }, { "id": "719855d7-2352-4ccb-862a-ac05b2def98b", @@ -6285,17 +6285,17 @@ "environment": "public", "isHidden": true, "isEnabled": true, - "resourceAppId": "c7441e5a-180f-453a-bc4e-126159ca0174" + "resourceAppId": "eb2ecbe8-b7cf-40c0-9243-65d6a58bf472" } ], - "EntraGalleryIntegrationRequest.ReadWriteArtifact.All": [ + "AppGalleryIntegrationRequest.ReadWriteArtifact.All": [ { "id": "d5e2954d-1cb2-4493-9e7f-ee3886d22f97", "scheme": "DelegatedWork", "environment": "public", "isHidden": true, "isEnabled": true, - "resourceAppId": "c7441e5a-180f-453a-bc4e-126159ca0174" + "resourceAppId": "eb2ecbe8-b7cf-40c0-9243-65d6a58bf472" }, { "id": "6ea5134a-a0f6-4848-8fc1-35902f536387", @@ -6303,17 +6303,17 @@ "environment": "public", "isHidden": true, "isEnabled": true, - "resourceAppId": "c7441e5a-180f-453a-bc4e-126159ca0174" + "resourceAppId": "eb2ecbe8-b7cf-40c0-9243-65d6a58bf472" } ], - "EntraGalleryIntegrationRequest.ReadScimTest.All": [ + "AppGalleryIntegrationRequest.ReadScimTest.All": [ { "id": "d6b56054-1c68-49ed-b7a9-ef89d6f8c9ad", "scheme": "DelegatedWork", "environment": "public", "isHidden": true, "isEnabled": true, - "resourceAppId": "c7441e5a-180f-453a-bc4e-126159ca0174" + "resourceAppId": "eb2ecbe8-b7cf-40c0-9243-65d6a58bf472" }, { "id": "60b06635-e5ee-4c58-ad15-cb7c0801d6a8", @@ -6321,17 +6321,17 @@ "environment": "public", "isHidden": true, "isEnabled": true, - "resourceAppId": "c7441e5a-180f-453a-bc4e-126159ca0174" + "resourceAppId": "eb2ecbe8-b7cf-40c0-9243-65d6a58bf472" } ], - "EntraGalleryIntegrationRequest.ReadWriteScimTest.All": [ + "AppGalleryIntegrationRequest.ReadWriteScimTest.All": [ { "id": "9e214bb4-5459-45b8-80a6-9f83d2a842f4", "scheme": "DelegatedWork", "environment": "public", "isHidden": true, "isEnabled": true, - "resourceAppId": "c7441e5a-180f-453a-bc4e-126159ca0174" + "resourceAppId": "eb2ecbe8-b7cf-40c0-9243-65d6a58bf472" }, { "id": "ec4f5141-4812-42d8-8492-04d4133996eb", @@ -6339,17 +6339,17 @@ "environment": "public", "isHidden": true, "isEnabled": true, - "resourceAppId": "c7441e5a-180f-453a-bc4e-126159ca0174" + "resourceAppId": "eb2ecbe8-b7cf-40c0-9243-65d6a58bf472" } ], - "EntraGalleryIntegrationRequest.ReadSsoTest.All": [ + "AppGalleryIntegrationRequest.ReadSsoTest.All": [ { "id": "7269528b-6ebf-48cc-af24-defe8cb8e39f", "scheme": "DelegatedWork", "environment": "public", "isHidden": true, "isEnabled": true, - "resourceAppId": "c7441e5a-180f-453a-bc4e-126159ca0174" + "resourceAppId": "eb2ecbe8-b7cf-40c0-9243-65d6a58bf472" }, { "id": "0726488d-5e7c-4c27-987c-20cc0d638c62", @@ -6357,17 +6357,17 @@ "environment": "public", "isHidden": true, "isEnabled": true, - "resourceAppId": "c7441e5a-180f-453a-bc4e-126159ca0174" + "resourceAppId": "eb2ecbe8-b7cf-40c0-9243-65d6a58bf472" } ], - "EntraGalleryIntegrationRequest.ReadWriteSsoTest.All": [ + "AppGalleryIntegrationRequest.ReadWriteSsoTest.All": [ { "id": "9a95d90e-cf1f-4336-919f-4e0848b6cf56", "scheme": "DelegatedWork", "environment": "public", "isHidden": true, "isEnabled": true, - "resourceAppId": "c7441e5a-180f-453a-bc4e-126159ca0174" + "resourceAppId": "eb2ecbe8-b7cf-40c0-9243-65d6a58bf472" }, { "id": "58cbb86c-ff81-4e83-90cd-c01e63211cc8", @@ -6375,7 +6375,7 @@ "environment": "public", "isHidden": true, "isEnabled": true, - "resourceAppId": "c7441e5a-180f-453a-bc4e-126159ca0174" + "resourceAppId": "eb2ecbe8-b7cf-40c0-9243-65d6a58bf472" } ], "EventListener.Read.All": [ @@ -7558,6 +7558,38 @@ "resourceAppId": "" } ], + "IdentityNotifications.Read.All": [ + { + "scheme": "DelegatedWork", + "environment": "PPE;public", + "isHidden": true, + "isEnabled": false, + "resourceAppId": "00000002-0000-0000-c000-000000000000" + }, + { + "scheme": "Application", + "environment": "PPE;public", + "isHidden": true, + "isEnabled": false, + "resourceAppId": "00000002-0000-0000-c000-000000000000" + } + ], + "IdentityNotifications.ReadWrite.All": [ + { + "scheme": "DelegatedWork", + "environment": "PPE;public", + "isHidden": true, + "isEnabled": false, + "resourceAppId": "00000002-0000-0000-c000-000000000000" + }, + { + "scheme": "Application", + "environment": "PPE;public", + "isHidden": true, + "isEnabled": false, + "resourceAppId": "00000002-0000-0000-c000-000000000000" + } + ], "IdentityProvider.Read.All": [ { "id": "43781733-b5a7-4d1b-98f4-e8edff23e1a9",