Weekly Permissions sync 2026-01-18 #1409
Conversation
There was a problem hiding this comment.
Pull request overview
This pull request contains a weekly synchronization of permissions data for Microsoft Graph API permissions. The changes include adding new permissions, renaming existing ones, updating permission requirements, and modifying API path definitions.
Changes:
- Added three new agent-related permissions with empty IDs (AgentIdentityBlueprintPrincipal.ReadWrite.ManagedBy, AgentIdentity.ReadWrite.ManagedBy, AgentIdUser.ReadWrite.ManagedBy)
- Renamed EntraBackup.Read.Preview to EntraBackup.Read.All
- Enabled MailboxItem.Export permissions with new IDs and full definitions
- Updated several mailbox-related permissions to require admin consent
- Split crossTenantMailTips into crossTenantMailTipsAll and crossTenantMailTipsLimited
- Added crossTenantPlacesDeskBooking and crossTenantPlacesRoomBooking paths
Reviewed changes
Copilot reviewed 2 out of 2 changed files in this pull request and generated 6 comments.
| File | Description |
|---|---|
| permissions/new/provisioningInfo.json | Added new agent permission entries with missing IDs, renamed EntraBackup permission, enabled and added IDs for MailboxItem.Export permissions |
| permissions/new/permissions.json | Added MailboxItem.Export permission definitions, updated requiresAdminConsent flags for mailbox permissions, refined cross-tenant policy paths, added Windows update policy path |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
| "resourceAppId": "00000002-0000-0000-c000-000000000000" | ||
| }, | ||
| { | ||
| "id": "", |
There was a problem hiding this comment.
The "id" field is empty for this permission entry. Each permission entry should have a valid unique identifier (typically a UUID). This could cause issues with permission provisioning and tracking.
| ], | ||
| "AgentIdentity.ReadWrite.ManagedBy": [ | ||
| { | ||
| "id": "", |
There was a problem hiding this comment.
The "id" field is empty for this permission entry. Each permission entry should have a valid unique identifier (typically a UUID). This could cause issues with permission provisioning and tracking.
| "resourceAppId": "00000002-0000-0000-c000-000000000000" | ||
| }, | ||
| { | ||
| "id": "", |
There was a problem hiding this comment.
The "id" field is empty for this permission entry. Each permission entry should have a valid unique identifier (typically a UUID). This could cause issues with permission provisioning and tracking.
| ], | ||
| "AgentIdUser.ReadWrite.ManagedBy": [ | ||
| { | ||
| "id": "", |
There was a problem hiding this comment.
The "id" field is empty for this permission entry. Each permission entry should have a valid unique identifier (typically a UUID). This could cause issues with permission provisioning and tracking.
| "resourceAppId": "00000002-0000-0000-c000-000000000000" | ||
| }, | ||
| { | ||
| "id": "", |
There was a problem hiding this comment.
The "id" field is empty for this permission entry. Each permission entry should have a valid unique identifier (typically a UUID). This could cause issues with permission provisioning and tracking.
| ], | ||
| "AgentIdentityBlueprintPrincipal.ReadWrite.ManagedBy": [ | ||
| { | ||
| "id": "", |
There was a problem hiding this comment.
The "id" field is empty for this permission entry. Each permission entry should have a valid unique identifier (typically a UUID). This could cause issues with permission provisioning and tracking.
Weekly Permissions sync 2026-01-18