From b25ee00dd631e4715f2cc29ba55f566c66170159 Mon Sep 17 00:00:00 2001 From: David <1511024+marabooy@users.noreply.github.com> Date: Thu, 19 Mar 2026 03:29:17 +0300 Subject: [PATCH 1/2] Weekly Permissions sync 2026-03-19 --- permissions/new/permissions.json | 57 +++++++++++++++++++++-- permissions/new/provisioningInfo.json | 66 ++++++++++++++++++++++----- 2 files changed, 107 insertions(+), 16 deletions(-) diff --git a/permissions/new/permissions.json b/permissions/new/permissions.json index d02ccfb8..9fcc068f 100644 --- a/permissions/new/permissions.json +++ b/permissions/new/permissions.json @@ -13675,7 +13675,7 @@ "adminDisplayName": "Manage all delegated permission grants", "adminDescription": "Allows the app to manage permission grants for delegated permissions exposed by any API (including Microsoft Graph), without a signed-in user.", "requiresAdminConsent": true, - "privilegeLevel": 4 + "privilegeLevel": 5 } }, "pathSets": [ @@ -13688,8 +13688,8 @@ "GET" ], "paths": { - "/serviceprincipals(appid={value})/inheritedoauth2permissiongrants": "least=Application", - "/serviceprincipals(appid={value})/oauth2permissiongrants": "least=Application", + "/serviceprincipals(appid={value})/inheritedoauth2permissiongrants": "", + "/serviceprincipals(appid={value})/oauth2permissiongrants": "", "/serviceprincipals/{id}/inheritedoauth2permissiongrants": "", "/serviceprincipals/{id}/oauth2permissiongrants": "", "/users/{id}/oauth2permissiongrants": "" @@ -13717,7 +13717,7 @@ "POST" ], "paths": { - "/oauth2permissiongrants": "least=DelegatedWork,Application" + "/oauth2permissiongrants": "" } }, { @@ -13731,7 +13731,7 @@ "PATCH" ], "paths": { - "/oauth2permissiongrants/{id}": "least=DelegatedWork,Application" + "/oauth2permissiongrants/{id}": "" } }, { @@ -26490,6 +26490,21 @@ "/me/drive/items/{id}/permissions/{id}": "" } }, + { + "schemeKeys": [ + "DelegatedWork", + "Application" + ], + "methods": [ + "DELETE" + ], + "paths": { + "/drives/{id}/items/{id}/retentionLabel": "least=DelegatedWork,Application", + "/groups/{id}/drive/items/{id}/retentionLabel": "least=DelegatedWork,Application", + "/me/drive/items/{id}/retentionLabel": "least=DelegatedWork,Application", + "/users/{user-id}/drive/items/{item-id}/retentionLabel": "least=DelegatedWork,Application" + } + }, { "schemeKeys": [ "DelegatedWork", @@ -33563,6 +33578,7 @@ "/networkaccess/discovery/discoveredApplicationSegments": "least=DelegatedWork,Application", "/networkaccess/logs/connections": "least=DelegatedWork,Application", "/networkaccess/logs/connections/{id}": "least=DelegatedWork,Application", + "/networkaccess/logs/generativeAIInsights": "least=DelegatedWork,Application", "/networkaccess/logs/remoteNetworks": "least=DelegatedWork,Application", "/networkaccess/logs/traffic": "least=DelegatedWork,Application", "/networkaccess/logs/traffic/{id}": "least=DelegatedWork,Application", @@ -33751,6 +33767,7 @@ "/networkAccess/forwardingProfiles/{id}/policies/{id}": "", "/networkaccess/logs/connections": "", "/networkaccess/logs/connections/{id}": "", + "/networkaccess/logs/generativeAIInsights": "", "/networkaccess/logs/remoteNetworks": "", "/networkaccess/logs/traffic": "", "/networkaccess/logs/traffic/{id}": "", @@ -42395,6 +42412,7 @@ "/copilot/reports/getmicrosoft365copilotusageuserdetail(period={value})": "least=DelegatedWork,Application", "/copilot/reports/getmicrosoft365copilotusercountsummary(period={value})": "least=DelegatedWork,Application", "/copilot/reports/getmicrosoft365copilotusercounttrend(period={value})": "least=DelegatedWork,Application", + "/reports/azureADPremiumLicenseInsight": "least=DelegatedWork,Application", "/reports/credentialuserregistrationdetails": "least=DelegatedWork,Application", "/reports/getazureadapplicationsigninsummary(period={value})": "least=DelegatedWork,Application", "/reports/getbrowserdistributionusercounts(period={value})": "least=DelegatedWork,Application", @@ -46591,6 +46609,20 @@ "paths": { "/sites/getOperationStatus(operationId='{id}')": "" } + }, + { + "schemeKeys": [ + "DelegatedWork" + ], + "methods": [ + "DELETE" + ], + "paths": { + "/drives/{id}/items/{id}/retentionLabel": "", + "/groups/{id}/drive/items/{id}/retentionLabel": "", + "/me/drive/items/{id}/retentionLabel": "", + "/users/{user-id}/drive/items/{item-id}/retentionLabel": "" + } } ], "ownerInfo": { @@ -47902,6 +47934,21 @@ "/users/{user-id}/drive/root:/{item-path}/media/reactions": "least=DelegatedWork,DelegatedPersonal" } }, + { + "schemeKeys": [ + "DelegatedWork", + "Application" + ], + "methods": [ + "DELETE" + ], + "paths": { + "/drives/{id}/items/{id}/retentionLabel": "", + "/groups/{id}/drive/items/{id}/retentionLabel": "", + "/me/drive/items/{id}/retentionLabel": "", + "/users/{user-id}/drive/items/{item-id}/retentionLabel": "" + } + }, { "schemeKeys": [ "DelegatedWork" diff --git a/permissions/new/provisioningInfo.json b/permissions/new/provisioningInfo.json index ab393fcb..9723c708 100644 --- a/permissions/new/provisioningInfo.json +++ b/permissions/new/provisioningInfo.json @@ -503,17 +503,7 @@ "isEnabled": false, "resourceAppId": "00000002-0000-0000-c000-000000000000" } - ], - "AgentIdentityBlueprintPrincipal.CreateAsManager": [ - { - "id": "c50c596a-6889-4460-acb1-3ed7c5fc142a", - "scheme": "Application", - "environment": "PPE;public", - "isHidden": true, - "isEnabled": false, - "resourceAppId": "00000002-0000-0000-c000-000000000000" - } - ], + ], "AgentIdentityBlueprintPrincipal.Read.All": [ { "id": "", @@ -4404,6 +4394,24 @@ "resourceAppId": "" } ], + "DelegatedPermissionGrant.ReadWrite.ManagedBy": [ + { + "id": "8b7aa0f1-33fa-4590-b40d-c4fc375948b5", + "scheme": "DelegatedWork", + "environment": "public", + "isHidden": true, + "isEnabled": true, + "resourceAppId": "00000002-0000-0000-c000-000000000000" + }, + { + "id": "87e86d7b-d7db-424e-be87-d7be784cf70d", + "scheme": "Application", + "environment": "public", + "isHidden": true, + "isEnabled": true, + "resourceAppId": "00000002-0000-0000-c000-000000000000" + } + ], "CallAiInsights.Read.All": [ { "id": "e24bdaf9-83f8-468b-a144-c681ccb6caf4", @@ -17311,6 +17319,24 @@ "resourceAppId": "66244124-575c-4284-92bc-fdd00e669cea" } ], + "User.Create": [ + { + "id": "e0fc39a6-9789-4d47-8577-c63811c29715", + "scheme": "DelegatedWork", + "environment": "", + "isHidden": true, + "isEnabled": true, + "resourceAppId": "00000002-0000-0000-c000-000000000000" + }, + { + "id": "131ccc87-9862-47a1-8701-e7a42f63ebc6", + "scheme": "Application", + "environment": "", + "isHidden": true, + "isEnabled": true, + "resourceAppId": "00000002-0000-0000-c000-000000000000" + } + ], "User.DeleteRestore.All": [ { "id": "4bb440cd-2cf2-4f90-8004-aa2acd2537c5", @@ -17557,6 +17583,24 @@ "resourceAppId": "" } ], + "User.ReadUpdate.All": [ + { + "id": "f0e73743-5699-4cb9-9ffe-d68e48294c63", + "scheme": "DelegatedWork", + "environment": "", + "isHidden": true, + "isEnabled": true, + "resourceAppId": "00000002-0000-0000-c000-000000000000" + }, + { + "id": "c58d0ec5-14a8-4df9-a3dd-4d587fde18d0", + "scheme": "Application", + "environment": "", + "isHidden": true, + "isEnabled": true, + "resourceAppId": "00000002-0000-0000-c000-000000000000" + } + ], "UserActivity.ReadWrite.CreatedByApp": [ { "id": "47607519-5fb1-47d9-99c7-da4b48f369b1", From f5fa676cd45652613b93b5c5a2df9d07a2fb83ef Mon Sep 17 00:00:00 2001 From: David <1511024+marabooy@users.noreply.github.com> Date: Thu, 19 Mar 2026 11:57:48 +0300 Subject: [PATCH 2/2] Weekly Permissions sync 2026-03-19 --- permissions/new/permissions.json | 178 +++++++++++++++++++++++++- permissions/new/provisioningInfo.json | 16 +++ 2 files changed, 190 insertions(+), 4 deletions(-) diff --git a/permissions/new/permissions.json b/permissions/new/permissions.json index 9fcc068f..7f4ba933 100644 --- a/permissions/new/permissions.json +++ b/permissions/new/permissions.json @@ -20742,6 +20742,10 @@ "/compliance/ediscovery/cases/{id}/sourcecollections/{id}/noncustodialsources": "least=DelegatedWork,Application", "/compliance/ediscovery/cases/{id}/tags/{id}/childtags": "least=DelegatedWork,Application", "/compliance/ediscovery/cases/{id}/tags/ashierarchy": "least=DelegatedWork,Application", + "/security/cases/ediscoverycases/{id}/caseDatasources": "least=DelegatedWork,Application", + "/security/cases/ediscoverycases/{id}/caseDatasources/{id}": "least=DelegatedWork,Application", + "/security/cases/ediscoverycases/{id}/caseDatasources/{id}/locations": "least=DelegatedWork,Application", + "/security/cases/ediscoverycases/{id}/caseDatasources/{id}/locations/{id}": "least=DelegatedWork,Application", "/security/cases/ediscoverycases/{id}/custodians/{id}": "least=DelegatedWork,Application", "/security/cases/ediscoverycases/{id}/custodians/{id}/lastindexoperation": "least=DelegatedWork,Application", "/security/cases/ediscoverycases/{id}/noncustodialdatasources/{id}": "least=DelegatedWork,Application", @@ -20882,6 +20886,7 @@ "/compliance/ediscovery/cases/{id}/settings/resettodefault": "least=DelegatedWork,Application", "/compliance/ediscovery/cases/{id}/sourcecollections/{id}/estimatestatistics": "", "/compliance/ediscovery/cases/{id}/sourcecollections/{id}/purgedata": "least=DelegatedWork,Application", + "/security/cases/ediscoverycases/{id}/caseDatasources": "least=DelegatedWork,Application", "/security/cases/ediscoverycases/{id}/close": "", "/security/cases/ediscoverycases/{id}/custodians/{id}/activate": "", "/security/cases/ediscoverycases/{id}/custodians/{id}/applyhold": "", @@ -20964,6 +20969,10 @@ "/compliance/ediscovery/cases/{id}/sourcecollections/{id}/lastestimatestatisticsoperation": "", "/compliance/ediscovery/cases/{id}/tags/{id}/childtags": "", "/compliance/ediscovery/cases/{id}/tags/ashierarchy": "", + "/security/cases/ediscoverycases/{id}/caseDatasources": "", + "/security/cases/ediscoverycases/{id}/caseDatasources/{id}": "", + "/security/cases/ediscoverycases/{id}/caseDatasources/{id}/locations": "", + "/security/cases/ediscoverycases/{id}/caseDatasources/{id}/locations/{id}": "", "/security/cases/ediscoverycases/{id}/custodians/{id}": "", "/security/cases/ediscoverycases/{id}/custodians/{id}/lastindexoperation": "", "/security/cases/ediscoverycases/{id}/noncustodialdatasources/{id}": "", @@ -20991,6 +21000,7 @@ "DELETE" ], "paths": { + "/security/cases/ediscoverycases/{id}/caseDatasources/{id}": "least=DelegatedWork,Application", "/security/cases/ediscoverycases/{id}/searches/{id}/custodiansources/{id}": "least=DelegatedWork,Application", "/security/cases/ediscoverycases/{id}/searches/{id}/noncustodialsources/{id}": "least=DelegatedWork,Application" } @@ -46144,7 +46154,31 @@ "privilegeLevel": 2 } }, - "pathSets": [], + "pathSets": [ + { + "schemeKeys": [ + "DelegatedWork", + "DelegatedPersonal" + ], + "methods": [ + "GET" + ], + "paths": { + "/me/notes": "least=DelegatedWork,DelegatedPersonal", + "/me/notes/{id}": "least=DelegatedWork,DelegatedPersonal", + "/me/notes/{id}/attachments": "least=DelegatedWork,DelegatedPersonal", + "/me/notes/{id}/attachments/{id}": "least=DelegatedWork,DelegatedPersonal", + "/me/notes/{id}/attachments/{id}/$value": "least=DelegatedWork,DelegatedPersonal", + "/me/notes/delta": "least=DelegatedWork,DelegatedPersonal", + "/users/{id}/notes": "least=DelegatedWork,DelegatedPersonal", + "/users/{id}/notes/{id}": "least=DelegatedWork,DelegatedPersonal", + "/users/{id}/notes/{id}/attachments": "least=DelegatedWork,DelegatedPersonal", + "/users/{id}/notes/{id}/attachments/{id}": "least=DelegatedWork,DelegatedPersonal", + "/users/{id}/notes/{id}/attachments/{id}/$value": "least=DelegatedWork,DelegatedPersonal", + "/users/{id}/notes/delta": "least=DelegatedWork,DelegatedPersonal" + } + } + ], "ownerInfo": { "ownerSecurityGroup": "stickynotes" } @@ -46159,7 +46193,24 @@ "privilegeLevel": 4 } }, - "pathSets": [], + "pathSets": [ + { + "schemeKeys": [ + "Application" + ], + "methods": [ + "GET" + ], + "paths": { + "/users/{id}/notes": "least=Application", + "/users/{id}/notes/{id}": "least=Application", + "/users/{id}/notes/{id}/attachments": "least=Application", + "/users/{id}/notes/{id}/attachments/{id}": "least=Application", + "/users/{id}/notes/{id}/attachments/{id}/$value": "least=Application", + "/users/{id}/notes/delta": "least=Application" + } + } + ], "ownerInfo": { "ownerSecurityGroup": "stickynotes" } @@ -46184,7 +46235,74 @@ "privilegeLevel": 2 } }, - "pathSets": [], + "pathSets": [ + { + "schemeKeys": [ + "DelegatedWork", + "DelegatedPersonal" + ], + "methods": [ + "GET" + ], + "paths": { + "/me/notes": "", + "/me/notes/{id}": "", + "/me/notes/{id}/attachments": "", + "/me/notes/{id}/attachments/{id}": "", + "/me/notes/{id}/attachments/{id}/$value": "", + "/me/notes/delta": "", + "/users/{id}/notes": "", + "/users/{id}/notes/{id}": "", + "/users/{id}/notes/{id}/attachments": "", + "/users/{id}/notes/{id}/attachments/{id}": "", + "/users/{id}/notes/{id}/attachments/{id}/$value": "", + "/users/{id}/notes/delta": "" + } + }, + { + "schemeKeys": [ + "DelegatedWork", + "DelegatedPersonal" + ], + "methods": [ + "POST" + ], + "paths": { + "/me/notes": "least=DelegatedWork,DelegatedPersonal", + "/me/notes/{id}/attachments": "least=DelegatedWork,DelegatedPersonal", + "/users/{id}/notes": "least=DelegatedWork,DelegatedPersonal", + "/users/{id}/notes/{id}/attachments": "least=DelegatedWork,DelegatedPersonal" + } + }, + { + "schemeKeys": [ + "DelegatedWork", + "DelegatedPersonal" + ], + "methods": [ + "PATCH" + ], + "paths": { + "/me/notes/{id}": "least=DelegatedWork,DelegatedPersonal", + "/users/{id}/notes/{id}": "least=DelegatedWork,DelegatedPersonal" + } + }, + { + "schemeKeys": [ + "DelegatedWork", + "DelegatedPersonal" + ], + "methods": [ + "DELETE" + ], + "paths": { + "/me/notes/{id}": "least=DelegatedWork,DelegatedPersonal", + "/me/notes/{id}/attachments/{id}": "least=DelegatedWork,DelegatedPersonal", + "/users/{id}/notes/{id}": "least=DelegatedWork,DelegatedPersonal", + "/users/{id}/notes/{id}/attachments/{id}": "least=DelegatedWork,DelegatedPersonal" + } + } + ], "ownerInfo": { "ownerSecurityGroup": "stickynotes" } @@ -46199,7 +46317,59 @@ "privilegeLevel": 4 } }, - "pathSets": [], + "pathSets": [ + { + "schemeKeys": [ + "Application" + ], + "methods": [ + "GET" + ], + "paths": { + "/users/{id}/notes": "", + "/users/{id}/notes/{id}": "", + "/users/{id}/notes/{id}/attachments": "", + "/users/{id}/notes/{id}/attachments/{id}": "", + "/users/{id}/notes/{id}/attachments/{id}/$value": "", + "/users/{id}/notes/delta": "" + } + }, + { + "schemeKeys": [ + "Application" + ], + "methods": [ + "POST" + ], + "paths": { + "/users/{id}/notes": "least=Application", + "/users/{id}/notes/{id}/attachments": "least=Application" + } + }, + { + "schemeKeys": [ + "Application" + ], + "methods": [ + "PATCH" + ], + "paths": { + "/users/{id}/notes/{id}": "least=Application" + } + }, + { + "schemeKeys": [ + "Application" + ], + "methods": [ + "DELETE" + ], + "paths": { + "/users/{id}/notes/{id}": "least=Application", + "/users/{id}/notes/{id}/attachments/{id}": "least=Application" + } + } + ], "ownerInfo": { "ownerSecurityGroup": "stickynotes" } diff --git a/permissions/new/provisioningInfo.json b/permissions/new/provisioningInfo.json index 9723c708..3418bf45 100644 --- a/permissions/new/provisioningInfo.json +++ b/permissions/new/provisioningInfo.json @@ -14539,6 +14539,14 @@ "isHidden": false, "isEnabled": true, "resourceAppId": "" + }, + { + "id": "a1f2e3d4-b5c6-4a7b-8c9d-0e1f2a3b4c5d", + "scheme": "DelegatedPersonal", + "environment": "public", + "isHidden": false, + "isEnabled": true, + "resourceAppId": "" } ], "ShortNotes.Read.All": [ @@ -14559,6 +14567,14 @@ "isHidden": false, "isEnabled": true, "resourceAppId": "" + }, + { + "id": "b2e3f4d5-c6a7-4b8c-9d0e-1f2a3b4c5d6e", + "scheme": "DelegatedPersonal", + "environment": "public", + "isHidden": false, + "isEnabled": true, + "resourceAppId": "" } ], "ShortNotes.ReadWrite.All": [