From da3cb398aa2b29a50c1f5d3f751fcbb77926f23d Mon Sep 17 00:00:00 2001 From: David <1511024+marabooy@users.noreply.github.com> Date: Sun, 18 Jan 2026 03:30:33 +0300 Subject: [PATCH] Weekly Permissions sync 2026-01-18 --- permissions/new/permissions.json | 89 ++++++++++++++++++++++++--- permissions/new/provisioningInfo.json | 66 ++++++++++++++++++-- 2 files changed, 140 insertions(+), 15 deletions(-) diff --git a/permissions/new/permissions.json b/permissions/new/permissions.json index 0ad1e575..d1a1009e 100644 --- a/permissions/new/permissions.json +++ b/permissions/new/permissions.json @@ -32212,7 +32212,7 @@ "adminDescription": "Allows the app to read the user's mailbox folders, on behalf of the the signed-in user.", "userDisplayName": "Read your mailbox folders", "userDescription": "Allows the app to read your mailbox folders, on your behalf", - "requiresAdminConsent": false, + "requiresAdminConsent": true, "privilegeLevel": 2 } }, @@ -32270,7 +32270,7 @@ "adminDescription": "Allows the app to read and write the user's mailbox folders, on behalf of the the signed-in user.", "userDisplayName": "Read and write your mailbox folders", "userDescription": "Allows the app to read and write your mailbox folders, on your behalf", - "requiresAdminConsent": false, + "requiresAdminConsent": true, "privilegeLevel": 2 } }, @@ -32346,6 +32346,62 @@ "ownerSecurityGroup": "stisaprvc" } }, + "MailboxItem.Export": { + "authorizationType": "oAuth2", + "schemes": { + "DelegatedWork": { + "adminDisplayName": "Export a user's mailbox items", + "adminDescription": "Allows the app to export the user's mailbox items, on behalf of the the signed-in user.", + "userDisplayName": "Export your mailbox items", + "userDescription": "Allows the app to export your mailbox items, on your behalf", + "requiresAdminConsent": true, + "privilegeLevel": 2 + } + }, + "pathSets": [ + { + "schemeKeys": [ + "DelegatedWork" + ], + "methods": [ + "POST" + ], + "paths": { + "/admin/exchange/mailboxes/{id}/exportItems": "least=DelegatedWork" + } + } + ], + "ownerInfo": { + "ownerSecurityGroup": "stisaprvc" + } + }, + "MailboxItem.Export.All": { + "authorizationType": "oAuth2", + "schemes": { + "Application": { + "adminDisplayName": "Export all the users' mailbox items", + "adminDescription": "Allows the app to export all the users' mailbox items, without signed-in user.", + "requiresAdminConsent": true, + "privilegeLevel": 4 + } + }, + "pathSets": [ + { + "schemeKeys": [ + "Application" + ], + "methods": [ + "POST" + ], + "paths": { + "/admin/exchange/mailboxes/{id}/exportItems": "least=Application" + } + } + ], + "ownerInfo": { + "ownerSecurityGroup": "stisaprvc" + } + }, "MailboxItem.ImportExport": { "authorizationType": "oAuth2", "schemes": { @@ -32354,7 +32410,7 @@ "adminDescription": "Allows the app to export and import the user's mailbox items, on behalf of the the signed-in user.", "userDisplayName": "Export and import your mailbox items", "userDescription": "Allows the app to export and import your mailbox items, on your behalf", - "requiresAdminConsent": false, + "requiresAdminConsent": true, "privilegeLevel": 2 } }, @@ -32412,7 +32468,7 @@ "adminDescription": "Allows the app to read the user's mailbox items, on behalf of the the signed-in user.", "userDisplayName": "Read your mailbox items", "userDescription": "Allows the app to read your mailbox items, on your behalf", - "requiresAdminConsent": false, + "requiresAdminConsent": true, "privilegeLevel": 2 } }, @@ -36904,8 +36960,11 @@ "/policies/crosstenantaccesspolicy/default/m365Capabilities/crossTenantCalendarSharingFreeBusyDetail": "least=DelegatedWork,Application", "/policies/crosstenantaccesspolicy/default/m365Capabilities/crossTenantCalendarSharingFreeBusyReviewer": "least=DelegatedWork,Application", "/policies/crosstenantaccesspolicy/default/m365Capabilities/crossTenantCalendarSharingFreeBusySimple": "least=DelegatedWork,Application", - "/policies/crosstenantaccesspolicy/default/m365Capabilities/crossTenantMailTips": "least=DelegatedWork,Application", + "/policies/crosstenantaccesspolicy/default/m365Capabilities/crossTenantMailTipsAll": "least=DelegatedWork,Application", + "/policies/crosstenantaccesspolicy/default/m365Capabilities/crossTenantMailTipsLimited": "least=DelegatedWork,Application", "/policies/crosstenantaccesspolicy/default/m365Capabilities/crossTenantOpenProfileCard": "least=DelegatedWork,Application", + "/policies/crosstenantaccesspolicy/default/m365Capabilities/crossTenantPlacesDeskBooking": "least=DelegatedWork,Application", + "/policies/crosstenantaccesspolicy/default/m365Capabilities/crossTenantPlacesRoomBooking": "least=DelegatedWork,Application", "/policies/crosstenantaccesspolicy/partners": "least=DelegatedWork,Application", "/policies/crosstenantaccesspolicy/partners/{id}": "least=DelegatedWork,Application", "/policies/crosstenantaccesspolicy/partners/{id}/identitysynchronization": "least=DelegatedWork,Application", @@ -36915,9 +36974,12 @@ "/policies/crosstenantaccesspolicy/partners/{id}/m365Capabilities/crossTenantCalendarSharingFreeBusyDetail": "least=DelegatedWork,Application", "/policies/crosstenantaccesspolicy/partners/{id}/m365Capabilities/crossTenantCalendarSharingFreeBusyReviewer": "least=DelegatedWork,Application", "/policies/crosstenantaccesspolicy/partners/{id}/m365Capabilities/crossTenantCalendarSharingFreeBusySimple": "least=DelegatedWork,Application", - "/policies/crosstenantaccesspolicy/partners/{id}/m365Capabilities/crossTenantMailTips": "least=DelegatedWork,Application", + "/policies/crosstenantaccesspolicy/partners/{id}/m365Capabilities/crossTenantMailTipsAll": "least=DelegatedWork,Application", + "/policies/crosstenantaccesspolicy/partners/{id}/m365Capabilities/crossTenantMailTipsLimited": "least=DelegatedWork,Application", "/policies/crosstenantaccesspolicy/partners/{id}/m365Capabilities/crossTenantMigration": "least=DelegatedWork,Application", "/policies/crosstenantaccesspolicy/partners/{id}/m365Capabilities/crossTenantOpenProfileCard": "least=DelegatedWork,Application", + "/policies/crosstenantaccesspolicy/partners/{id}/m365Capabilities/crossTenantPlacesDeskBooking": "least=DelegatedWork,Application", + "/policies/crosstenantaccesspolicy/partners/{id}/m365Capabilities/crossTenantPlacesRoomBooking": "least=DelegatedWork,Application", "/policies/defaultappmanagementpolicy": "least=DelegatedWork,Application", "/policies/externalidentitiespolicy": "least=DelegatedWork,Application", "/policies/homerealmdiscoverypolicies": "least=DelegatedWork,Application", @@ -38539,8 +38601,11 @@ "/policies/crosstenantaccesspolicy/default/m365Capabilities/crossTenantCalendarSharingFreeBusyDetail": "least=DelegatedWork,Application", "/policies/crosstenantaccesspolicy/default/m365Capabilities/crossTenantCalendarSharingFreeBusyReviewer": "least=DelegatedWork,Application", "/policies/crosstenantaccesspolicy/default/m365Capabilities/crossTenantCalendarSharingFreeBusySimple": "least=DelegatedWork,Application", - "/policies/crosstenantaccesspolicy/default/m365Capabilities/crossTenantMailTips": "least=DelegatedWork,Application", - "/policies/crosstenantaccesspolicy/default/m365Capabilities/crossTenantOpenProfileCard": "least=DelegatedWork,Application" + "/policies/crosstenantaccesspolicy/default/m365Capabilities/crossTenantMailTipsAll": "least=DelegatedWork,Application", + "/policies/crosstenantaccesspolicy/default/m365Capabilities/crossTenantMailTipsLimited": "least=DelegatedWork,Application", + "/policies/crosstenantaccesspolicy/default/m365Capabilities/crossTenantOpenProfileCard": "least=DelegatedWork,Application", + "/policies/crosstenantaccesspolicy/default/m365Capabilities/crossTenantPlacesDeskBooking": "least=DelegatedWork,Application", + "/policies/crosstenantaccesspolicy/default/m365Capabilities/crossTenantPlacesRoomBooking": "least=DelegatedWork,Application" } }, { @@ -38559,9 +38624,12 @@ "/policies/crosstenantaccesspolicy/partners/{id}/m365Capabilities/crossTenantCalendarSharingFreeBusyDetail": "least=DelegatedWork,Application", "/policies/crosstenantaccesspolicy/partners/{id}/m365Capabilities/crossTenantCalendarSharingFreeBusyReviewer": "least=DelegatedWork,Application", "/policies/crosstenantaccesspolicy/partners/{id}/m365Capabilities/crossTenantCalendarSharingFreeBusySimple": "least=DelegatedWork,Application", - "/policies/crosstenantaccesspolicy/partners/{id}/m365Capabilities/crossTenantMailTips": "least=DelegatedWork,Application", + "/policies/crosstenantaccesspolicy/partners/{id}/m365Capabilities/crossTenantMailTipsAll": "least=DelegatedWork,Application", + "/policies/crosstenantaccesspolicy/partners/{id}/m365Capabilities/crossTenantMailTipsLimited": "least=DelegatedWork,Application", "/policies/crosstenantaccesspolicy/partners/{id}/m365Capabilities/crossTenantMigration": "least=DelegatedWork,Application", - "/policies/crosstenantaccesspolicy/partners/{id}/m365Capabilities/crossTenantOpenProfileCard": "least=DelegatedWork,Application" + "/policies/crosstenantaccesspolicy/partners/{id}/m365Capabilities/crossTenantOpenProfileCard": "least=DelegatedWork,Application", + "/policies/crosstenantaccesspolicy/partners/{id}/m365Capabilities/crossTenantPlacesDeskBooking": "least=DelegatedWork,Application", + "/policies/crosstenantaccesspolicy/partners/{id}/m365Capabilities/crossTenantPlacesRoomBooking": "least=DelegatedWork,Application" } } ], @@ -60640,6 +60708,7 @@ "/admin/windows/updates/knownIssues/{id}": "least=DelegatedWork,Application", "/admin/windows/updates/knownIssues/Default.findByKbNumber(kbNumber={kbNumber})": "least=DelegatedWork,Application", "/admin/windows/updates/knownIssues/findByKbNumber(kbNumber={kbNumber})": "least=DelegatedWork,Application", + "/admin/windows/updates/policies/{id}/applicableContent": "least=DelegatedWork,Application", "/admin/windows/updates/products": "least=DelegatedWork,Application", "/admin/windows/updates/products/{id}": "least=DelegatedWork,Application", "/admin/windows/updates/products/{id}/Default.getKnownIssuesByTimeRange(daysInPast={daysInPast},includeAllActive={includeAllActive})": "least=DelegatedWork,Application", diff --git a/permissions/new/provisioningInfo.json b/permissions/new/provisioningInfo.json index 9c7bd277..ccb9e6a6 100644 --- a/permissions/new/provisioningInfo.json +++ b/permissions/new/provisioningInfo.json @@ -586,6 +586,24 @@ "resourceAppId": "00000002-0000-0000-c000-000000000000" } ], + "AgentIdentityBlueprintPrincipal.ReadWrite.ManagedBy": [ + { + "id": "", + "scheme": "Application", + "environment": "PPE;public", + "isHidden": true, + "isEnabled": true, + "resourceAppId": "00000002-0000-0000-c000-000000000000" + }, + { + "id": "", + "scheme": "DelegatedWork", + "environment": "PPE;public", + "isHidden": true, + "isEnabled": true, + "resourceAppId": "00000002-0000-0000-c000-000000000000" + } + ], "Agreement.Read.All": [ { "id": "af2819c9-df71-4dd3-ade7-4d7c9dc653b7", @@ -5816,7 +5834,7 @@ "resourceAppId": "" } ], - "EntraBackup.Read.Preview": [ + "EntraBackup.Read.All": [ { "id": "c16f30f0-3121-4976-bafe-66cb042f4f80", "scheme": "Application", @@ -8468,10 +8486,11 @@ ], "MailboxItem.Export": [ { + "id": "58d3e7fa-3ce9-4a0c-9baa-0971f64709d9", "scheme": "DelegatedWork", "environment": "PPE;public", - "isHidden": true, - "isEnabled": false, + "isHidden": false, + "isEnabled": true, "resourceAppId": "c999ed3e-27ae-4cb3-b3a2-46b056af63d3" } ], @@ -8487,10 +8506,11 @@ ], "MailboxItem.Export.All": [ { + "id": "937550e9-33a3-494b-88ae-d9cd394b1fbb", "scheme": "Application", "environment": "PPE;public", - "isHidden": true, - "isEnabled": false, + "isHidden": false, + "isEnabled": true, "resourceAppId": "c999ed3e-27ae-4cb3-b3a2-46b056af63d3" } ], @@ -13623,6 +13643,24 @@ "resourceAppId": "00000002-0000-0000-c000-000000000000" } ], + "AgentIdentity.ReadWrite.ManagedBy": [ + { + "id": "", + "scheme": "Application", + "environment": "PPE;public", + "isHidden": true, + "isEnabled": true, + "resourceAppId": "00000002-0000-0000-c000-000000000000" + }, + { + "id": "", + "scheme": "DelegatedWork", + "environment": "PPE;public", + "isHidden": true, + "isEnabled": true, + "resourceAppId": "00000002-0000-0000-c000-000000000000" + } + ], "ServicePrincipal.Manage.OwnedBy": [ { "id": "6930b171-5cf8-4865-ba0f-cfce959d1bca", @@ -16607,6 +16645,24 @@ "resourceAppId": "00000002-0000-0000-c000-000000000000" } ], + "AgentIdUser.ReadWrite.ManagedBy": [ + { + "id": "", + "scheme": "Application", + "environment": "PPE;public", + "isHidden": true, + "isEnabled": true, + "resourceAppId": "00000002-0000-0000-c000-000000000000" + }, + { + "id": "", + "scheme": "DelegatedWork", + "environment": "PPE;public", + "isHidden": true, + "isEnabled": true, + "resourceAppId": "00000002-0000-0000-c000-000000000000" + } + ], "User.RevokeSessions.All": [ { "id": "fc30e98b-8810-4501-81f5-c20a3196387b",