Skip to content

Commit 13f204b

Browse files
marabooymarabooy
committed
Weekly Permissions sync 2025-10-09
1 parent 057950c commit 13f204b

File tree

2 files changed

+54
-21
lines changed

2 files changed

+54
-21
lines changed

permissions/new/permissions.json

Lines changed: 44 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -16681,7 +16681,6 @@
1668116681
"/users/{id}/directreports": "",
1668216682
"/users/{id}/joinedteams": "",
1668316683
"/users/{id}/licensedetails": "",
16684-
"/users/{id}/licenseDetails/getTeamsLicensingDetails": "",
1668516684
"/users/{id}/manager": "",
1668616685
"/users/{id}/memberof": "least=Application",
1668716686
"/users/{id}/oauth2permissiongrants": "least=DelegatedWork,Application",
@@ -16730,7 +16729,8 @@
1673016729
"/me/registereddevices": "",
1673116730
"/me/scopedrolememberof": "least=DelegatedWork",
1673216731
"/me/transitivememberof": "",
16733-
"/privilegedroleassignmentrequests": "least=DelegatedWork"
16732+
"/privilegedroleassignmentrequests": "least=DelegatedWork",
16733+
"/users/{id}/licenseDetails/getTeamsLicensingDetails": ""
1673416734
}
1673516735
},
1673616736
{
@@ -16966,7 +16966,6 @@
1696616966
"/users/{id}/directreports": "",
1696716967
"/users/{id}/joinedteams": "",
1696816968
"/users/{id}/licensedetails": "",
16969-
"/users/{id}/licenseDetails/getTeamsLicensingDetails": "",
1697016969
"/users/{id}/memberof": "",
1697116970
"/users/{id}/owneddevices": "",
1697216971
"/users/{id}/ownedobjects": "",
@@ -17108,7 +17107,8 @@
1710817107
"/onpremisespublishingprofiles/applicationproxy/connectorgroups/{id}/applications": "least=DelegatedWork",
1710917108
"/onpremisespublishingprofiles/applicationproxy/connectors": "least=DelegatedWork",
1711017109
"/onpremisespublishingprofiles/applicationproxy/connectors/{id}": "least=DelegatedWork",
17111-
"/serviceprincipals": ""
17110+
"/serviceprincipals": "",
17111+
"/users/{id}/licenseDetails/getTeamsLicensingDetails": ""
1711217112
}
1711317113
},
1711417114
{
@@ -37378,6 +37378,14 @@
3737837378
"PrivilegedAccess.Read.AzureADGroup": {
3737937379
"authorizationType": "oAuth2",
3738037380
"schemes": {
37381+
"DelegatedWork": {
37382+
"adminDisplayName": "Read privileged access to Azure AD groups",
37383+
"adminDescription": "Allows the app to read time-based assignment and just-in-time elevation (including scheduled elevation) of Azure AD groups in your organization, without a signed-in user.",
37384+
"userDisplayName": "Read privileged access to Azure AD groups",
37385+
"userDescription": "Allows the app to read time-based assignment and just in time elevation (including scheduled elevation) of Azure AD groups in your organization, on your behalf.",
37386+
"requiresAdminConsent": true,
37387+
"privilegeLevel": 4
37388+
},
3738137389
"Application": {
3738237390
"adminDisplayName": "Read privileged access to Azure AD groups",
3738337391
"adminDescription": "Allows the app to read time-based assignment and just-in-time elevation (including scheduled elevation) of Azure AD groups in your organization, without a signed-in user.",
@@ -37397,6 +37405,19 @@
3739737405
"/privilegedaccess/azureresources/resources/{id}/roleassignmentrequests": "",
3739837406
"/privilegedaccess/azureresources/roleassignmentrequests": ""
3739937407
}
37408+
},
37409+
{
37410+
"schemeKeys": [
37411+
"DelegatedWork",
37412+
"Application"
37413+
],
37414+
"methods": [
37415+
"GET"
37416+
],
37417+
"paths": {
37418+
"/identityGovernance/privilegedAccess/group/resources": "least=DelegatedWork,Application",
37419+
"/identityGovernance/privilegedAccess/group/resources/{id}": "least=DelegatedWork,Application"
37420+
}
3740037421
}
3740137422
],
3740237423
"ownerInfo": {
@@ -37520,6 +37541,12 @@
3752037541
"userDescription": "Allows the app to request and manage time-based assignment and just-in-time elevation (including scheduled elevation) of Azure AD groups, on your behalf.",
3752137542
"requiresAdminConsent": true,
3752237543
"privilegeLevel": 4
37544+
},
37545+
"Application": {
37546+
"adminDisplayName": "Read and write privileged access to Azure AD groups",
37547+
"adminDescription": "Allows the app to request and manage time-based assignment and just-in-time elevation (including scheduled elevation) of Azure AD groups, on behalf of the signed-in user.",
37548+
"requiresAdminConsent": true,
37549+
"privilegeLevel": 4
3752337550
}
3752437551
},
3752537552
"pathSets": [
@@ -37545,6 +37572,19 @@
3754537572
"paths": {
3754637573
"/privilegedaccess/azureresources/roleassignmentrequests/{id}/cancel": ""
3754737574
}
37575+
},
37576+
{
37577+
"schemeKeys": [
37578+
"DelegatedWork",
37579+
"Application"
37580+
],
37581+
"methods": [
37582+
"GET"
37583+
],
37584+
"paths": {
37585+
"/identityGovernance/privilegedAccess/group/resources": "",
37586+
"/identityGovernance/privilegedAccess/group/resources/{id}": ""
37587+
}
3754837588
}
3754937589
],
3755037590
"ownerInfo": {
@@ -51886,7 +51926,6 @@
5188651926
],
5188751927
"paths": {
5188851928
"/users/{id}/deleteddatetime": "least=Application",
51889-
"/users/{id}/licenseDetails/getTeamsLicensingDetails": "least=Application",
5189051929
"/users/{id}/memberof/{id}": "least=Application",
5189151930
"/users/{id}/outlook/supportedlanguages": "least=Application",
5189251931
"/users/{id}/outlook/supportedtimezones": "least=Application",

permissions/new/provisioningInfo.json

Lines changed: 10 additions & 16 deletions
Original file line numberDiff line numberDiff line change
@@ -300,14 +300,6 @@
300300
"isHidden": true,
301301
"isEnabled": true,
302302
"resourceAppId": "00000003-0000-0000-c000-000000000000"
303-
},
304-
{
305-
"id": "6ce0ade1-3a9a-40ba-ae13-11bf6279a04d",
306-
"scheme": "DelegatedWork",
307-
"environment": "PPE;public",
308-
"isHidden": true,
309-
"isEnabled": true,
310-
"resourceAppId": "00000003-0000-0000-c000-000000000000"
311303
}
312304
],
313305
"AgentIdentityBlueprint.Read.All": [
@@ -436,6 +428,16 @@
436428
"resourceAppId": "00000003-0000-0000-c000-000000000000"
437429
}
438430
],
431+
"AgentIdentityBlueprintPrincipal.CreateAsManager": [
432+
{
433+
"id": "c50c596a-6889-4460-acb1-3ed7c5fc142a",
434+
"scheme": "Application",
435+
"environment": "PPE;public",
436+
"isHidden": true,
437+
"isEnabled": false,
438+
"resourceAppId": "00000003-0000-0000-c000-000000000000"
439+
}
440+
],
439441
"AgentIdentityBlueprintPrincipal.Read.All": [
440442
{
441443
"id": "",
@@ -12799,14 +12801,6 @@
1279912801
"isHidden": true,
1280012802
"isEnabled": true,
1280112803
"resourceAppId": "00000003-0000-0000-c000-00000000000"
12802-
},
12803-
{
12804-
"id": "98f23116-27b1-42b4-814b-d258698a00b6",
12805-
"scheme": "DelegatedWork",
12806-
"environment": "PPE;public",
12807-
"isHidden": true,
12808-
"isEnabled": true,
12809-
"resourceAppId": "00000003-0000-0000-c000-000000000000"
1281012804
}
1281112805
],
1281212806
"AgentIdentity.Read.All": [

0 commit comments

Comments
 (0)