Conversation
There was a problem hiding this comment.
Pull request overview
This PR synchronizes permissions configuration data as part of a weekly automated update dated 2026-01-16. The changes add new permission scopes and update API endpoint paths.
Changes:
- Added five new AppManagementOnboarding permission scopes with associated resource app IDs
- Added new Policy.ReadWrite.AuthMethod-Features permission scope
- Updated conditional access claim provider validation path to include a name parameter
- Added new planner task messages endpoints for GET, POST, DELETE, and PATCH operations
Reviewed changes
Copilot reviewed 2 out of 2 changed files in this pull request and generated 3 comments.
| File | Description |
|---|---|
| permissions/new/provisioningInfo.json | Adds new permission scope definitions for AppManagementOnboarding and Policy.ReadWrite.AuthMethod-Features |
| permissions/new/permissions.json | Updates conditional access validation path and adds planner task messages API endpoints |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
| "resourceAppId": "" | ||
| } | ||
| ], | ||
| "Policy.ReadWrite.AuthMethod-Features": [ |
There was a problem hiding this comment.
The permission name 'Policy.ReadWrite.AuthMethod-Features' uses a hyphen, which is inconsistent with the naming convention used by adjacent permissions like 'Policy.ReadWrite.AuthenticationMethod' and 'Policy.ReadWrite.AuthenticationFlows' that use camelCase. Consider using 'Policy.ReadWrite.AuthMethodFeatures' instead for consistency.
| "Policy.ReadWrite.AuthMethod-Features": [ | |
| "Policy.ReadWrite.AuthMethodFeatures": [ |
| "POST" | ||
| ], | ||
| "paths": { | ||
| "/planner/tasks/{taskId}/messages/{id}/reactions": "least=DelegatedWork" |
There was a problem hiding this comment.
The path parameter uses '{taskId}' while other planner paths in this file consistently use '{id}' for task identifiers (e.g., '/planner/tasks/{id}/messages/{id}' on line 48817). This inconsistency could cause confusion. Consider using '{id}' for consistency, or use more descriptive parameter names like '{taskId}' and '{messageId}' to disambiguate.
| "PATCH" | ||
| ], | ||
| "paths": { | ||
| "/planner/tasks/{id}/messages/{id}": "least=DelegatedWork" |
There was a problem hiding this comment.
The path '/planner/tasks/{id}/messages/{id}' uses the same parameter name '{id}' for both the task and message identifiers, which is ambiguous. Consider using distinct parameter names like '{taskId}' and '{messageId}' to clearly identify which resource each parameter refers to.
Weekly Permissions sync 2026-01-16