Conversation
There was a problem hiding this comment.
Pull request overview
Weekly permissions sync update to keep permissions/new/provisioningInfo.json aligned with the latest permission deployment metadata.
Changes:
- Filled in previously-empty
idGUIDs for severalAppManagementOnboarding*permission deployments. - Added new hidden permission deployments (e.g.,
AppManagementOnboarding*Test*,EngagementExport.Read.All,SecurityIdentitiesMigration.*). - Renamed
CrossTenantRoleAssignment.{Create,Delete}provisioning keys toMS-CrossTenantRoleAssignment.{Create,Delete}and adjustedAgentIdentity.Create.Allhidden flag for DelegatedWork.
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
| "SecurityIdentitiesMigration.Read.All": [ | ||
| { | ||
| "scheme": "DelegatedWork", | ||
| "environment": "public", | ||
| "isHidden": true, | ||
| "isEnabled": true, | ||
| "resourceAppId": "8ee8fdad-f234-4243-8f3b-15c294843740" |
There was a problem hiding this comment.
The new SecurityIdentitiesMigration.* deployment objects are missing the id property entirely. Elsewhere in this file each deployment object includes an id field (even when empty), so omitting it is inconsistent and may break tooling that expects a stable schema. Add an id field to both the DelegatedWork and Application objects (populate it if known, otherwise keep it as an empty string).
| "SecurityIdentitiesMigration.ReadWrite.All": [ | ||
| { | ||
| "scheme": "DelegatedWork", | ||
| "environment": "public", | ||
| "isHidden": true, | ||
| "isEnabled": true, | ||
| "resourceAppId": "8ee8fdad-f234-4243-8f3b-15c294843740" |
There was a problem hiding this comment.
SecurityIdentitiesMigration.ReadWrite.All deployment objects also omit the id field. Please add id to both entries (DelegatedWork and Application) to match the schema used throughout provisioningInfo.json.
Weekly Permissions sync 2026-02-26