Skip to content

Commit bcea86e

Browse files
marabooymarabooy
authored
Weekly Permissions sync 2025-10-24 (#1321)
1 parent df8dd5d commit bcea86e

File tree

2 files changed

+176
-20
lines changed

2 files changed

+176
-20
lines changed

permissions/new/permissions.json

Lines changed: 90 additions & 10 deletions
Original file line numberDiff line numberDiff line change
@@ -1269,7 +1269,6 @@
12691269
"/applications(appid={value})/federatedidentitycredentials": "least=DelegatedWork,Application",
12701270
"/applications(appid={value})/owners": "least=DelegatedWork,Application",
12711271
"/applications(appid={value})/sponsors": "least=DelegatedWork,Application",
1272-
"/applications(appid={value})/tokenRevocations": "least=DelegatedWork,Application",
12731272
"/applications/{id}/authorization": "",
12741273
"/applications/{id}/authorization/resourceSchema": "",
12751274
"/applications/{id}/authorization/resourceSchema/environmentAttributes": "",
@@ -1296,7 +1295,6 @@
12961295
"/applications/{id}/pairwisebrokerembeddedappconfig/{trustedHostPairwiseBrokerId}/perResourceAllowedScopes": "least=DelegatedWork,Application",
12971296
"/applications/{id}/pairwisebrokerembeddedappconfig/{trustedHostPairwiseBrokerId}/perResourceAllowedScopes/{resourceAppId}": "least=DelegatedWork,Application",
12981297
"/applications/{id}/sponsors": "least=DelegatedWork,Application",
1299-
"/applications/{id}/tokenRevocations": "least=DelegatedWork,Application",
13001298
"/applications/delta": "",
13011299
"/policies/appmanagementpolicies/{id}/appliesto": "least=DelegatedWork,Application",
13021300
"/policies/claimsmappingpolicies/{id}/appliesto": "",
@@ -1315,7 +1313,6 @@
13151313
"/serviceprincipals(appid={value})/ownedobjects": "least=DelegatedWork,Application",
13161314
"/serviceprincipals(appid={value})/owners": "least=DelegatedWork,Application",
13171315
"/serviceprincipals(appid={value})/sponsors": "least=DelegatedWork,Application",
1318-
"/serviceprincipals(appid={value})/tokenRevocations": "least=DelegatedWork,Application",
13191316
"/serviceprincipals(appid={value})/transitivememberof": "least=DelegatedWork,Application",
13201317
"/serviceprincipals/{id}": "least=DelegatedWork,Application",
13211318
"/serviceprincipals/{id}/approleassignedto": "least=DelegatedWork,Application",
@@ -1331,7 +1328,6 @@
13311328
"/serviceprincipals/{id}/remotedesktopsecurityconfiguration/targetdevicegroups": "least=DelegatedWork,Application",
13321329
"/serviceprincipals/{id}/remotedesktopsecurityconfiguration/targetdevicegroups/{id}": "least=DelegatedWork,Application",
13331330
"/serviceprincipals/{id}/sponsors": "least=DelegatedWork,Application",
1334-
"/serviceprincipals/{id}/tokenRevocations": "least=DelegatedWork,Application",
13351331
"/serviceprincipals/{id}/transitivememberof": "least=DelegatedWork,Application",
13361332
"/serviceprincipals/delta": ""
13371333
}
@@ -1711,11 +1707,7 @@
17111707
"POST"
17121708
],
17131709
"paths": {
1714-
"/applications(appid={value})/federatedidentitycredentials": "least=DelegatedWork,Application",
1715-
"/applications(appid={value})/tokenRevocations": "least=DelegatedWork,Application",
1716-
"/applications/{id}/tokenRevocations": "least=DelegatedWork,Application",
1717-
"/serviceprincipals(appid={value})/tokenRevocations": "least=DelegatedWork,Application",
1718-
"/serviceprincipals/{id}/tokenRevocations": "least=DelegatedWork,Application"
1710+
"/applications(appid={value})/federatedidentitycredentials": "least=DelegatedWork,Application"
17191711
}
17201712
},
17211713
{
@@ -17574,6 +17566,94 @@
1757417566
"ownerSecurityGroup": "ixrdev"
1757517567
}
1757617568
},
17569+
"Domain-InternalFederation.Read.All": {
17570+
"authorizationType": "oAuth2",
17571+
"schemes": {
17572+
"DelegatedWork": {
17573+
"adminDisplayName": "Read internal federation configuration for a domain.",
17574+
"adminDescription": "Allows the app to read internal federation configuration for a domain.",
17575+
"userDisplayName": "Read internal federation configuration for a domain.",
17576+
"userDescription": "Allows the app to read internal federation configuration for a domain.",
17577+
"requiresAdminConsent": true,
17578+
"privilegeLevel": 3
17579+
},
17580+
"Application": {
17581+
"adminDisplayName": "Read internal federation configuration for a domain.",
17582+
"adminDescription": "Allows the app to read internal federation configuration for a domain.",
17583+
"requiresAdminConsent": true,
17584+
"privilegeLevel": 4
17585+
}
17586+
},
17587+
"pathSets": [
17588+
{
17589+
"schemeKeys": [
17590+
"DelegatedWork",
17591+
"Application"
17592+
],
17593+
"methods": [
17594+
"GET"
17595+
],
17596+
"paths": {
17597+
"/domains/{id}/federationConfiguration": "least=DelegatedWork,Application",
17598+
"/domains/{id}/federationConfiguration/{configurationId}": "least=DelegatedWork,Application"
17599+
}
17600+
}
17601+
],
17602+
"ownerInfo": {
17603+
"ownerSecurityGroup": "aadusersandtenants"
17604+
}
17605+
},
17606+
"Domain-InternalFederation.ReadWrite.All": {
17607+
"authorizationType": "oAuth2",
17608+
"schemes": {
17609+
"DelegatedWork": {
17610+
"adminDisplayName": "Create, read, update and delete internal federation configuration for a domain.",
17611+
"adminDescription": "Allows the app to create, read, update and delete internal federation configuration for a domain.",
17612+
"userDisplayName": "Create, read, update and delete internal federation configuration for a domain.",
17613+
"userDescription": "Allows the app to create, read, update and delete internal federation configuration for a domain.",
17614+
"requiresAdminConsent": true,
17615+
"privilegeLevel": 4
17616+
},
17617+
"Application": {
17618+
"adminDisplayName": "Create, read, update and delete internal federation configuration for a domain.",
17619+
"adminDescription": "Allows the app to create, read, update and delete internal federation configuration for a domain.",
17620+
"requiresAdminConsent": true,
17621+
"privilegeLevel": 5
17622+
}
17623+
},
17624+
"pathSets": [
17625+
{
17626+
"schemeKeys": [
17627+
"DelegatedWork",
17628+
"Application"
17629+
],
17630+
"methods": [
17631+
"GET",
17632+
"POST"
17633+
],
17634+
"paths": {
17635+
"/domains/{id}/federationConfiguration": "least=DelegatedWork,Application"
17636+
}
17637+
},
17638+
{
17639+
"schemeKeys": [
17640+
"DelegatedWork",
17641+
"Application"
17642+
],
17643+
"methods": [
17644+
"DELETE",
17645+
"GET",
17646+
"PATCH"
17647+
],
17648+
"paths": {
17649+
"/domains/{id}/federationConfiguration/{configurationId}": "least=DelegatedWork,Application"
17650+
}
17651+
}
17652+
],
17653+
"ownerInfo": {
17654+
"ownerSecurityGroup": "aadusersandtenants"
17655+
}
17656+
},
1757717657
"Domain.Read.All": {
1757817658
"authorizationType": "oAuth2",
1757917659
"schemes": {
@@ -17701,7 +17781,7 @@
1770117781
"POST"
1770217782
],
1770317783
"paths": {
17704-
"/domains/{id}/federationconfiguration": "least=DelegatedWork,Application",
17784+
"/domains/{id}/federationconfiguration": "",
1770517785
"/domains/{id}/forcedelete": "least=DelegatedWork,Application",
1770617786
"/domains/{id}/promote": "least=DelegatedWork,Application",
1770717787
"/domains/{id}/verify": "least=DelegatedWork,Application"

permissions/new/provisioningInfo.json

Lines changed: 86 additions & 10 deletions
Original file line numberDiff line numberDiff line change
@@ -200,7 +200,7 @@
200200
"resourceAppId": "9c31bd49-9f18-4580-84a0-e6e6dbd13640"
201201
}
202202
],
203-
"AgentCard.Read.All": [
203+
"AgentCardManifest.Read.All": [
204204
{
205205
"id": "",
206206
"scheme": "DelegatedWork",
@@ -218,7 +218,7 @@
218218
"resourceAppId": "9c31bd49-9f18-4580-84a0-e6e6dbd13640"
219219
}
220220
],
221-
"AgentCard.ReadWrite.All": [
221+
"AgentCardManifest.ReadWrite.All": [
222222
{
223223
"id": "",
224224
"scheme": "DelegatedWork",
@@ -236,7 +236,7 @@
236236
"resourceAppId": "9c31bd49-9f18-4580-84a0-e6e6dbd13640"
237237
}
238238
],
239-
"AgentCard.ReadWrite.ManagedBy": [
239+
"AgentCardManifest.ReadWrite.ManagedBy": [
240240
{
241241
"id": "",
242242
"scheme": "Application",
@@ -292,6 +292,46 @@
292292
"resourceAppId": "9c31bd49-9f18-4580-84a0-e6e6dbd13640"
293293
}
294294
],
295+
"AgentCollection.Read.Global": [
296+
{
297+
"id": "",
298+
"scheme": "DelegatedWork",
299+
"environment": "public",
300+
"isHidden": true,
301+
"isEnabled": false,
302+
"resourceAppId": "9c31bd49-9f18-4580-84a0-e6e6dbd13640"
303+
}
304+
],
305+
"AgentCollection.ReadWrite.Global": [
306+
{
307+
"id": "",
308+
"scheme": "DelegatedWork",
309+
"environment": "public",
310+
"isHidden": true,
311+
"isEnabled": false,
312+
"resourceAppId": "9c31bd49-9f18-4580-84a0-e6e6dbd13640"
313+
}
314+
],
315+
"AgentCollection.Read.Quarantined": [
316+
{
317+
"id": "",
318+
"scheme": "DelegatedWork",
319+
"environment": "public",
320+
"isHidden": true,
321+
"isEnabled": false,
322+
"resourceAppId": "9c31bd49-9f18-4580-84a0-e6e6dbd13640"
323+
}
324+
],
325+
"AgentCollection.ReadWrite.Quarantined": [
326+
{
327+
"id": "",
328+
"scheme": "DelegatedWork",
329+
"environment": "public",
330+
"isHidden": true,
331+
"isEnabled": false,
332+
"resourceAppId": "9c31bd49-9f18-4580-84a0-e6e6dbd13640"
333+
}
334+
],
295335
"AgentIdentityBlueprint.CreateAsManager": [
296336
{
297337
"id": "ecf9c9c0-b7d6-48c0-8ad6-7b00493a2efb",
@@ -5017,15 +5057,15 @@
50175057
"id": "c0e5a7b0-e8b7-40a7-b8e0-8249e6ea81d5",
50185058
"scheme": "Application",
50195059
"environment": "public;ppe",
5020-
"isHidden": true,
5060+
"isHidden": false,
50215061
"isEnabled": true,
50225062
"resourceAppId": "00000002-0000-0000-c000-000000000000"
50235063
},
50245064
{
50255065
"id": "33203a2a-a761-40f0-8a7c-a7e74a9f8ac6",
50265066
"scheme": "DelegatedWork",
50275067
"environment": "public;ppe",
5028-
"isHidden": true,
5068+
"isHidden": false,
50295069
"isEnabled": true,
50305070
"resourceAppId": "00000002-0000-0000-c000-000000000000"
50315071
}
@@ -5035,15 +5075,15 @@
50355075
"id": "64d40371-8d58-4270-bc8a-b4a66de36b9a",
50365076
"scheme": "Application",
50375077
"environment": "public;ppe",
5038-
"isHidden": true,
5078+
"isHidden": false,
50395079
"isEnabled": true,
50405080
"resourceAppId": "00000002-0000-0000-c000-000000000000"
50415081
},
50425082
{
50435083
"id": "857bd3ea-490e-4284-88a7-a7de1893b6ee",
50445084
"scheme": "DelegatedWork",
50455085
"environment": "public;ppe",
5046-
"isHidden": true,
5086+
"isHidden": false,
50475087
"isEnabled": true,
50485088
"resourceAppId": "00000002-0000-0000-c000-000000000000"
50495089
}
@@ -10032,7 +10072,7 @@
1003210072
"environment": "public",
1003310073
"isHidden": true,
1003410074
"isEnabled": true,
10035-
"resourceAppId": "a3dfc3c6-2c7d-4f42-aeec-b2877f9bce97"
10075+
"resourceAppId": "00000002-0000-0000-c000-000000000000"
1003610076
}
1003710077
],
1003810078
"Policy.ReadWrite.ConsentRequest": [
@@ -15325,6 +15365,42 @@
1532515365
"resourceAppId": ""
1532615366
}
1532715367
],
15368+
"TokenRevocations.Read.All":[
15369+
{
15370+
"id": "10506a2e-a91b-4aba-886f-ba9f7938f05b",
15371+
"scheme": "Application",
15372+
"environment": "PPE;public",
15373+
"isHidden": true,
15374+
"isEnabled": true,
15375+
"resourceAppId": "00000002-0000-0000-c000-000000000000"
15376+
},
15377+
{
15378+
"id": "f877b83b-16b1-4d1f-ac40-70d5d86d1a8a",
15379+
"scheme": "DelegatedWork",
15380+
"environment": "PPE;public",
15381+
"isHidden": true,
15382+
"isEnabled": true,
15383+
"resourceAppId": "00000002-0000-0000-c000-000000000000"
15384+
}
15385+
],
15386+
"TokenRevocations.ReadWrite.All":[
15387+
{
15388+
"id": "e91cbba3-7784-4313-8460-b91c2137514d",
15389+
"scheme": "Application",
15390+
"environment": "PPE;public",
15391+
"isHidden": true,
15392+
"isEnabled": false,
15393+
"resourceAppId": "00000002-0000-0000-c000-000000000000"
15394+
},
15395+
{
15396+
"id": "1190c458-9a4e-4b03-8af8-d4290da4370a",
15397+
"scheme": "DelegatedWork",
15398+
"environment": "PPE;public",
15399+
"isHidden": true,
15400+
"isEnabled": false,
15401+
"resourceAppId": "00000002-0000-0000-c000-000000000000"
15402+
}
15403+
],
1532815404
"Topic.Read.All": [
1532915405
{
1533015406
"id": "79c4c76f-409a-4f98-884d-e2c09291ec26",
@@ -17379,14 +17455,14 @@
1737917455
"environment": "public",
1738017456
"isHidden": true,
1738117457
"isEnabled": true,
17382-
"resourceAppId": "f776f290-1b5c-492f-a298-a4051d78f2dc"
17458+
"resourceAppId": "da472373-a181-4ed0-94ec-bc7779f3b558"
1738317459
},
1738417460
{
1738517461
"scheme": "DelegatedWork",
1738617462
"environment": "public",
1738717463
"isHidden": true,
1738817464
"isEnabled": true,
17389-
"resourceAppId": "f776f290-1b5c-492f-a298-a4051d78f2dc"
17465+
"resourceAppId": "da472373-a181-4ed0-94ec-bc7779f3b558"
1739017466
}
1739117467
],
1739217468
"IdentityRiskyAgent.Read.All": [

0 commit comments

Comments
 (0)