Skip to content

Weekly Permissions sync 2026-03-11#1466

Open
marabooy wants to merge 1 commit intomasterfrom
permissions-update/2026-03-11
Open

Weekly Permissions sync 2026-03-11#1466
marabooy wants to merge 1 commit intomasterfrom
permissions-update/2026-03-11

Conversation

@marabooy
Copy link
Contributor

@marabooy marabooy commented Mar 11, 2026

Weekly Permissions sync 2026-03-11

@marabooy marabooy requested a review from a team as a code owner March 11, 2026 02:12
Copilot AI review requested due to automatic review settings March 11, 2026 02:12
Copilot AI reviewed Mar 11, 2026
View reviewed changes
Copy link
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Weekly sync updating permission metadata by adding new Entra App Role privileged access permission entries and normalizing privilegedAccess/group endpoint path casing.

Changes:

  • Added provisioning metadata entries for several *.EntraAppRole privileged access permissions.
  • Normalized /identityGovernance/privilegedAccess/group/... path keys to Graph-style camelCase, including filterByCurrentUser.

Reviewed changes

Copilot reviewed 2 out of 2 changed files in this pull request and generated 1 comment.

File Description
permissions/new/provisioningInfo.json Adds provisioning entries for new EntraAppRole privileged access permissions.
permissions/new/permissions.json Updates privilegedAccess/group paths to camelCase + filterByCurrentUser casing.
Comments suppressed due to low confidence (1)

permissions/new/permissions.json:1

  • These path keys use assignmentscheduleInstances (lowercase s in schedule), which is inconsistent with other entries in the same file that use assignmentScheduleInstances. Since URL paths are generally case-sensitive and this file appears to rely on exact string keys, this likely creates incorrect/mismatched permission mappings. Rename these keys to /identityGovernance/privilegedAccess/group/assignmentScheduleInstances... for consistency with the rest of the document.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

You can also share your feedback on Copilot code review. Take the survey.

permissions/new/provisioningInfo.json
Comment on lines +11668 to +11683
"PrivilegedAssignmentSchedule.Read.EntraAppRole": [
{
"scheme": "DelegatedWork",
"environment": "",
"isHidden": true,
"isEnabled": true,
"resourceAppId": "01fc33a7-78ba-4d2f-a4b7-768e336e890e"
},
{
"scheme": "Application",
"environment": "",
"isHidden": true,
"isEnabled": true,
"resourceAppId": "01fc33a7-78ba-4d2f-a4b7-768e336e890e"
}
],
Copy link

Copilot AI Mar 11, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

These newly added provisioning entries don’t include an id field, while many adjacent permissions in this file include one. If provisioningInfo.json is schema-validated or consumed by tooling that expects id per scheme entry, this will fail or produce incomplete metadata. Align these objects with the established shape (add the appropriate id value(s) if required by the schema/tooling for DelegatedWork/Application).

Copilot uses AI. Check for mistakes.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@marabooy