From b9a58606cd694033a29c534d09c555bf12c627a5 Mon Sep 17 00:00:00 2001
From: David <1511024+marabooy@users.noreply.github.com>
Date: Thu, 7 May 2026 03:27:44 +0300
Subject: [PATCH 1/2] Weekly Permissions sync 2026-05-07

---
 permissions/new/permissions.json      | 16 ++++++++++++++++
 permissions/new/provisioningInfo.json | 20 ++++++++++++++++++++
 2 files changed, 36 insertions(+)

diff --git a/permissions/new/permissions.json b/permissions/new/permissions.json
index 851dcee0..7b242f11 100644
--- a/permissions/new/permissions.json
+++ b/permissions/new/permissions.json
@@ -37780,6 +37780,7 @@
             "/applications/{id}/tokenissuancepolicies": "AlsoRequires=Application.ReadWrite.All",
             "/applications/{id}/tokenlifetimepolicies": "AlsoRequires=Application.ReadWrite.All",
             "/identity/conditionalaccess/namedlocations": "least=DelegatedWork,Application",
+            "/identity/conditionalaccess/plans": "least=DelegatedWork,Application",
             "/identity/conditionalaccess/policies": "least=DelegatedWork,Application",
             "/serviceprincipals(appid={value})/claimsmappingpolicies": "AlsoRequires=Application.ReadWrite.All",
             "/serviceprincipals(appid={value})/homerealmdiscoverypolicies": "AlsoRequires=Application.ReadWrite.All",
@@ -37931,6 +37932,9 @@
           ],
           "paths": {
             "/identity/conditionalaccess/namedlocations/{id}": "least=DelegatedWork,Application",
+            "/identity/conditionalaccess/plans/{id}": "least=DelegatedWork,Application",
+            "/identity/conditionalaccess/plans/{id}/rules": "least=DelegatedWork,Application",
+            "/identity/conditionalaccess/plans/{id}/rules/{id}": "least=DelegatedWork,Application",
             "/identity/conditionalaccess/policies/{id}": "least=DelegatedWork,Application"
           }
         },
@@ -38364,6 +38368,10 @@
           ],
           "paths": {
             "/identity/conditionalaccess/authenticationcontextclassreferences": "",
+            "/identity/conditionalaccess/plans": "least=DelegatedWork,Application",
+            "/identity/conditionalaccess/plans/{id}": "least=DelegatedWork,Application",
+            "/identity/conditionalaccess/plans/{id}/rules": "least=DelegatedWork,Application",
+            "/identity/conditionalaccess/plans/{id}/rules/{id}": "least=DelegatedWork,Application",
             "/identity/conditionalaccess/settings": "least=DelegatedWork,Application"
           }
         },
@@ -39215,6 +39223,10 @@
             "/identity/conditionalaccess/authenticationstrength/authenticationmethodmodes/{id}": "",
             "/identity/conditionalaccess/authenticationstrength/combinations": "",
             "/identity/conditionalaccess/authenticationstrength/policies/{id}/combinationconfigurations": "",
+            "/identity/conditionalaccess/plans": "least=DelegatedWork,Application",
+            "/identity/conditionalaccess/plans/{id}": "least=DelegatedWork,Application",
+            "/identity/conditionalaccess/plans/{id}/rules": "least=DelegatedWork,Application",
+            "/identity/conditionalaccess/plans/{id}/rules/{id}": "least=DelegatedWork,Application",
             "/policies/authenticationstrengthpolicies": "",
             "/policies/authenticationstrengthpolicies/{id}/usage": "",
             "/policies/authenticationstrengthpolicies/findbymethodmode(authenticationmethodmodes={value})": ""
@@ -39259,6 +39271,8 @@
           "paths": {
             "/identity/conditionalaccess/evaluate": "",
             "/identity/conditionalaccess/namedlocations": "",
+            "/identity/conditionalaccess/plans": "least=DelegatedWork,Application",
+            "/identity/conditionalaccess/plans/{id}/rules": "least=DelegatedWork,Application",
             "/identity/conditionalaccess/policies": "",
             "/policies/authenticationstrengthpolicies/{id}/updateallowedcombinations": "least=DelegatedWork,Application"
           }
@@ -39274,6 +39288,8 @@
           ],
           "paths": {
             "/identity/conditionalaccess/namedlocations/{id}": "",
+            "/identity/conditionalaccess/plans/{id}": "least=DelegatedWork,Application",
+            "/identity/conditionalaccess/plans/{id}/rules/{id}": "least=DelegatedWork,Application",
             "/identity/conditionalaccess/policies/{id}": ""
           }
         },
diff --git a/permissions/new/provisioningInfo.json b/permissions/new/provisioningInfo.json
index 2a36d5af..fce66a71 100644
--- a/permissions/new/provisioningInfo.json
+++ b/permissions/new/provisioningInfo.json
@@ -677,6 +677,16 @@
         "isEnabled": false,
         "resourceAppId": "00000002-0000-0000-c000-000000000000"
       }
+    ],
+    "AgentIdentityBlueprintPrincipal.UpdateLcpComplianceProperty.All": [
+      {
+        "id": "",
+        "scheme": "Application",
+        "environment": "PPE;public",
+        "isHidden": true,
+        "isEnabled": false,
+        "resourceAppId": "00000002-0000-0000-c000-000000000000"
+      }
     ],
      "AgentRegistration.Read.All": [
       {
@@ -14857,6 +14867,16 @@
         "resourceAppId": "00000002-0000-0000-c000-000000000000"
       }
     ],
+    "AgentIdentity.UpdateLcpComplianceProperty.All": [
+      {
+        "id": "",
+        "scheme": "Application",
+        "environment": "PPE;public",
+        "isHidden": true,
+        "isEnabled": false,
+        "resourceAppId": "00000002-0000-0000-c000-000000000000"
+      }
+    ],
     "AgentIdentity.ReadWrite.ManagedBy": [
       {
         "id": "",

From 9ce922cb7edbb904b8517e2e453526d3aaea319b Mon Sep 17 00:00:00 2001
From: David <1511024+marabooy@users.noreply.github.com>
Date: Thu, 7 May 2026 10:17:11 +0300
Subject: [PATCH 2/2] Weekly Permissions sync 2026-05-07

---
 permissions/new/permissions.json | 16 ----------------
 1 file changed, 16 deletions(-)

diff --git a/permissions/new/permissions.json b/permissions/new/permissions.json
index 7b242f11..851dcee0 100644
--- a/permissions/new/permissions.json
+++ b/permissions/new/permissions.json
@@ -37780,7 +37780,6 @@
             "/applications/{id}/tokenissuancepolicies": "AlsoRequires=Application.ReadWrite.All",
             "/applications/{id}/tokenlifetimepolicies": "AlsoRequires=Application.ReadWrite.All",
             "/identity/conditionalaccess/namedlocations": "least=DelegatedWork,Application",
-            "/identity/conditionalaccess/plans": "least=DelegatedWork,Application",
             "/identity/conditionalaccess/policies": "least=DelegatedWork,Application",
             "/serviceprincipals(appid={value})/claimsmappingpolicies": "AlsoRequires=Application.ReadWrite.All",
             "/serviceprincipals(appid={value})/homerealmdiscoverypolicies": "AlsoRequires=Application.ReadWrite.All",
@@ -37932,9 +37931,6 @@
           ],
           "paths": {
             "/identity/conditionalaccess/namedlocations/{id}": "least=DelegatedWork,Application",
-            "/identity/conditionalaccess/plans/{id}": "least=DelegatedWork,Application",
-            "/identity/conditionalaccess/plans/{id}/rules": "least=DelegatedWork,Application",
-            "/identity/conditionalaccess/plans/{id}/rules/{id}": "least=DelegatedWork,Application",
             "/identity/conditionalaccess/policies/{id}": "least=DelegatedWork,Application"
           }
         },
@@ -38368,10 +38364,6 @@
           ],
           "paths": {
             "/identity/conditionalaccess/authenticationcontextclassreferences": "",
-            "/identity/conditionalaccess/plans": "least=DelegatedWork,Application",
-            "/identity/conditionalaccess/plans/{id}": "least=DelegatedWork,Application",
-            "/identity/conditionalaccess/plans/{id}/rules": "least=DelegatedWork,Application",
-            "/identity/conditionalaccess/plans/{id}/rules/{id}": "least=DelegatedWork,Application",
             "/identity/conditionalaccess/settings": "least=DelegatedWork,Application"
           }
         },
@@ -39223,10 +39215,6 @@
             "/identity/conditionalaccess/authenticationstrength/authenticationmethodmodes/{id}": "",
             "/identity/conditionalaccess/authenticationstrength/combinations": "",
             "/identity/conditionalaccess/authenticationstrength/policies/{id}/combinationconfigurations": "",
-            "/identity/conditionalaccess/plans": "least=DelegatedWork,Application",
-            "/identity/conditionalaccess/plans/{id}": "least=DelegatedWork,Application",
-            "/identity/conditionalaccess/plans/{id}/rules": "least=DelegatedWork,Application",
-            "/identity/conditionalaccess/plans/{id}/rules/{id}": "least=DelegatedWork,Application",
             "/policies/authenticationstrengthpolicies": "",
             "/policies/authenticationstrengthpolicies/{id}/usage": "",
             "/policies/authenticationstrengthpolicies/findbymethodmode(authenticationmethodmodes={value})": ""
@@ -39271,8 +39259,6 @@
           "paths": {
             "/identity/conditionalaccess/evaluate": "",
             "/identity/conditionalaccess/namedlocations": "",
-            "/identity/conditionalaccess/plans": "least=DelegatedWork,Application",
-            "/identity/conditionalaccess/plans/{id}/rules": "least=DelegatedWork,Application",
             "/identity/conditionalaccess/policies": "",
             "/policies/authenticationstrengthpolicies/{id}/updateallowedcombinations": "least=DelegatedWork,Application"
           }
@@ -39288,8 +39274,6 @@
           ],
           "paths": {
             "/identity/conditionalaccess/namedlocations/{id}": "",
-            "/identity/conditionalaccess/plans/{id}": "least=DelegatedWork,Application",
-            "/identity/conditionalaccess/plans/{id}/rules/{id}": "least=DelegatedWork,Application",
             "/identity/conditionalaccess/policies/{id}": ""
           }
         },