diff --git a/permissions/new/ProvisioningInfo.json b/permissions/new/ProvisioningInfo.json index 261f22ed..983af805 100644 --- a/permissions/new/ProvisioningInfo.json +++ b/permissions/new/ProvisioningInfo.json @@ -1868,6 +1868,16 @@ "resourceAppId": "ab3be6b7-f5df-413d-ac2d-abf1e3fd9c0b" } ], + "ChannelMember.ReadWrite.Group": [ + { + "id": "7b795957-4e3f-4fbe-a18b-6b8736adc00f", + "scheme": "Application", + "environment": "public", + "isHidden": true, + "isEnabled": false, + "resourceAppId": "ab3be6b7-f5df-413d-ac2d-abf1e3fd9c0b" + } + ], "ChannelMember.ReadWrite.All": [ { "id": "0c3e411a-ce45-4cd1-8f30-f99a3efa7b11", @@ -8762,6 +8772,22 @@ "resourceAppId": "" } ], + "Policy.ReadWrite.CrossTenantCapability": [ + { + "scheme": "DelegatedWork", + "environment": "public", + "isHidden": true, + "isEnabled": false, + "resourceAppId": "25254d2d-55ce-461a-b245-3258f0f6a24d" + }, + { + "scheme": "Application", + "environment": "public", + "isHidden": true, + "isEnabled": false, + "resourceAppId": "25254d2d-55ce-461a-b245-3258f0f6a24d" + } + ], "Policy.ReadWrite.DeviceConfiguration": [ { "id": "40b534c3-9552-4550-901b-23879c90bcf9", @@ -14002,7 +14028,7 @@ "id": "b7fb81ff-4a7a-4d54-b790-8f47aa4818cb", "scheme": "Application", "environment": "public", - "isHidden": true, + "isHidden": false, "isEnabled": true, "resourceAppId": "ea890292-c8c8-4433-b5ea-b09d0668e1a6" } @@ -14020,7 +14046,7 @@ "id": "5e20ac9f-f42c-4807-8c3c-9fe7904be5b6", "scheme": "Application", "environment": "public", - "isHidden": true, + "isHidden": false, "isEnabled": true, "resourceAppId": "ea890292-c8c8-4433-b5ea-b09d0668e1a6" } diff --git a/permissions/new/permissions.json b/permissions/new/permissions.json index 24805236..0ccc948c 100644 --- a/permissions/new/permissions.json +++ b/permissions/new/permissions.json @@ -5987,8 +5987,8 @@ "paths": { "/chats/{id}/members/{id}": "", "/teams/{id}/channels/{id}/doesuserhaveaccess": "least=DelegatedWork,Application", - "/teams/{id}/channels/{id}/members": "least=Application", - "/teams/{id}/channels/{id}/members/{id}": "least=DelegatedWork,Application", + "/teams/{id}/channels/{id}/members": "", + "/teams/{id}/channels/{id}/members/{id}": "least=DelegatedWork", "/teams/{id}/channels/{id}/sharedwithteams": "least=DelegatedWork,Application", "/teams/{id}/channels/{id}/sharedwithteams/{id}": "least=DelegatedWork,Application", "/teams/{id}/channels/{id}/sharedwithteams/{id}/allowedmembers": "least=DelegatedWork,Application" @@ -6104,7 +6104,7 @@ "POST" ], "paths": { - "/teams/{id}/channels/{id}/members": "least=DelegatedWork,Application" + "/teams/{id}/channels/{id}/members": "least=DelegatedWork" } }, { @@ -6118,7 +6118,7 @@ "PATCH" ], "paths": { - "/teams/{id}/channels/{id}/members/{id}": "least=DelegatedWork,Application" + "/teams/{id}/channels/{id}/members/{id}": "least=DelegatedWork" } }, { @@ -31432,9 +31432,14 @@ "/policies/claimsmappingpolicies/{id}/appliesto": "least=DelegatedWork,Application", "/policies/crosstenantaccesspolicy": "least=DelegatedWork,Application", "/policies/crosstenantaccesspolicy/default": "least=DelegatedWork,Application", + "/policies/crosstenantaccesspolicy/default/m365Capabilities": "least=DelegatedWork,Application", + "/policies/crosstenantaccesspolicy/default/m365Capabilities/crossTenantOpenProfileCard": "least=DelegatedWork,Application", "/policies/crosstenantaccesspolicy/partners": "least=DelegatedWork,Application", "/policies/crosstenantaccesspolicy/partners/{id}": "least=DelegatedWork,Application", "/policies/crosstenantaccesspolicy/partners/{id}/identitysynchronization": "least=DelegatedWork,Application", + "/policies/crosstenantaccesspolicy/partners/{id}/m365Capabilities": "least=DelegatedWork,Application", + "/policies/crosstenantaccesspolicy/partners/{id}/m365Capabilities/crossTenantMailboxMigration": "least=DelegatedWork,Application", + "/policies/crosstenantaccesspolicy/partners/{id}/m365Capabilities/crossTenantOpenProfileCard": "least=DelegatedWork,Application", "/policies/defaultappmanagementpolicy": "least=DelegatedWork,Application", "/policies/externalidentitiespolicy": "least=DelegatedWork,Application", "/policies/homerealmdiscoverypolicies": "least=DelegatedWork,Application", @@ -49538,6 +49543,100 @@ "ownerSecurityGroup": "mfateam" } }, + "UserAuthMethod-Passkey.Read.All": { + "schemes": { + "DelegatedWork": { + "adminDisplayName": "Read all users' passkey authentication methods", + "adminDescription": "Allows the app to read passkey authentication methods of all users in your organization that the signed-in user has access to. This does not allow the app to see secret information like passwords, or to sign-in or otherwise use the authentication methods.", + "userDisplayName": "Read all users' passkey authentication methods", + "userDescription": "Allows the app to read passkey authentication methods of all users you have access to in your organization.This does not allow the app to see secret information like passwords, or to sign-in or otherwise use the authentication methods.", + "requiresAdminConsent": true, + "privilegeLevel": 3 + }, + "Application": { + "adminDisplayName": " Read all users' passkey authentication methods", + "adminDescription": " Allows the app to read passkey authentication methods of all users in your organization, without a signed-in user. This does not allow the app to see secret information like passwords, or to sign-in or otherwise use the authentication methods.", + "requiresAdminConsent": true, + "privilegeLevel": 4 + } + }, + "pathSets": [ + { + "schemeKeys": [ + "DelegatedWork", + "Application" + ], + "methods": [ + "GET" + ], + "paths": { + "/me/authentication/fido2methods": "", + "/me/authentication/fido2methods/{id}": "", + "/me/authentication/fido2methods/creationOptions": "", + "/users/{id}/authentication/fido2methods": "", + "/users/{id}/authentication/fido2methods/{id}": "", + "/users/{id}/authentication/fido2methods/creationOptions": "" + } + } + ], + "ownerInfo": { + "ownerSecurityGroup": "mfateam" + } + }, + "UserAuthMethod-Passkey.ReadWrite.All": { + "schemes": { + "DelegatedWork": { + "adminDisplayName": "Read and write all users' passkey methods.", + "adminDescription": "Allows the app to read and write passkey authentication methods of all users in your organization that the signed-in user has access to. This does not allow the app to see secret information like passwords, or to sign-in or otherwise use the authentication methods.", + "userDisplayName": "Read and write all users' passkey authentication methods", + "userDescription": "Allows the app to read and write passkey authentication methods of all users you have access to in your organization. This does not allow the app to see secret information like passwords, or to sign-in or otherwise use the authentication methods.", + "requiresAdminConsent": true, + "privilegeLevel": 4 + }, + "Application": { + "adminDisplayName": "Read and write all users' passkey authentication methods", + "adminDescription": "Allows the application to read and write passkey authentication methods of all users in your organization, without a signed-in user. This does not allow the app to see secret information like passwords, or to sign-in or otherwise use the authentication methods", + "requiresAdminConsent": true, + "privilegeLevel": 4 + } + }, + "pathSets": [ + { + "schemeKeys": [ + "DelegatedWork", + "Application" + ], + "methods": [ + "GET" + ], + "paths": { + "/me/authentication/fido2methods": "", + "/me/authentication/fido2methods/{id}": "", + "/me/authentication/fido2methods/creationOptions": "", + "/users/{id}/authentication/fido2methods": "", + "/users/{id}/authentication/fido2methods/{id}": "", + "/users/{id}/authentication/fido2methods/creationOptions": "" + } + }, + { + "schemeKeys": [ + "DelegatedWork", + "Application" + ], + "methods": [ + "DELETE", + "PATCH" + ], + "paths": { + "/me/authentication/fido2methods/{id}": "least=Application", + "/users/{id}/authentication/fido2methods/{id}": "least=Application" + } + } + ], + "ownerInfo": { + "ownerSecurityGroup": "mfateam" + } + }, "UserShiftPreferences.Read.All": { "schemes": { "Application": {