Conversation
There was a problem hiding this comment.
Pull request overview
Weekly permissions sync updating the permissions catalog and provisioning metadata to reflect newly onboarded/updated scopes and API path mappings.
Changes:
- Enabled and assigned IDs for
AgentRegistration.*inprovisioningInfo.json, and added correspondingAgentRegistration.*scope definitions inpermissions.json. - Added/updated permission provisioning entries (e.g., new calendar app-only variants, AppGalleryIntegrationRequest updates, new print-related entries).
- Updated multiple permission-to-path mappings (e.g., agent sign-in sessions paths, Cloud PC set device name action, new Network Access report function, new Reports endpoint, and a new Print alert settings ReadWrite permission).
Reviewed changes
Copilot reviewed 2 out of 2 changed files in this pull request and generated 4 comments.
| File | Description |
|---|---|
| permissions/new/provisioningInfo.json | Updates provisioning metadata: toggles/enables IDs, adds new permission deployment entries, and adjusts resourceAppId mappings. |
| permissions/new/permissions.json | Updates permission definitions and expands pathSets for several permissions, including new AgentRegistration.* scopes and print/network/report path mappings. |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
| @@ -680,37 +680,37 @@ | |||
| ], | |||
| "AgentRegistration.Read.All": [ | |||
There was a problem hiding this comment.
AgentRegistration.Read.All appears to be indented one extra space compared to surrounding top-level permission keys, which breaks the file’s otherwise consistent 2-space JSON indentation and makes diffs harder to scan. Align this key with the other top-level keys in the object.
| "AgentRegistration.Read.All": [ | |
| "AgentRegistration.Read.All": [ |
| "InfoProtectABACPolicy.Read.All": [ | ||
| { |
There was a problem hiding this comment.
The InfoProtectABACPolicy.Read.All key (and the start of its array) is indented differently than surrounding top-level permission keys/array items in this file. Please realign it to match the established indentation pattern for top-level permission keys and their array items to keep formatting consistent.
| "adminDisplayName": "Read all agent registrations", | ||
| "adminDescription": "Allows the user to read all agent registration information", | ||
| "userDisplayName": "Read all agent registrations", | ||
| "userDescription": "Allows the app to read agent registration information.", | ||
| "requiresAdminConsent": false, |
There was a problem hiding this comment.
For AgentRegistration.Read.All (DelegatedWork), the description strings are internally inconsistent (adminDescription says “Allows the user…”, while userDescription says “Allows the app…”) and they omit the common “on behalf of the signed-in user / on your behalf” phrasing used elsewhere for delegated permissions. Consider aligning both descriptions to the standard delegated wording to avoid confusion on consent screens.
| "adminDisplayName": "Read and write all agent registrations", | ||
| "adminDescription": "Allows the user to read and write all agent registration information", | ||
| "userDisplayName": "Read and write all agent registrations", | ||
| "userDescription": "Allows the app to read and write agent registration information.", | ||
| "requiresAdminConsent": true, |
There was a problem hiding this comment.
For AgentRegistration.ReadWrite.All (DelegatedWork), the consent descriptions have the same inconsistency as the read scope (“Allows the user…” vs “Allows the app…”) and don’t follow the usual delegated phrasing (“on behalf of the signed-in user” / “on your behalf”). Aligning these strings with the established pattern will make consent prompts clearer and consistent.
Weekly Permissions sync 2026-04-28