Skip to content

[pull] dev from KelvinTegelaar:dev #102

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
pull wants to merge 220 commits into
base: dev
Choose a base branch
from
Open

[pull] dev from KelvinTegelaar:dev #102

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
220 commits
Select commit Hold shift + click to select a range
ee0398d
feat(endpoint): add Apple ADE and Android enrollment profile listing …
kris6673 May 14, 2026
5ccf15a
fix: missing odata path error in the returned json
kris6673 May 14, 2026
5289a30
feat: ability to add/remove nested groups in group memberships
isgq-github01 May 15, 2026
7ae35c2
post exec tweaks for dedupe queue names
Zacgoose May 15, 2026
fd6e30f
fix(standards): target azureADRegistration in intuneRestrictUserDevic…
kris6673 May 15, 2026
c67bc8d
feat(standards): add intuneRestrictUserDeviceJoin standard
kris6673 May 15, 2026
90b6457
Add AutoExpandingArchiveScope property showing org-level vs mailbox-l…
Zacgoose May 18, 2026
ab83a2b
Update Update-CIPPSAMRedirectUri.ps1
Zacgoose May 18, 2026
d7cda8a
Update Initialize-CIPPAuth.ps1
Zacgoose May 18, 2026
ab5e515
Switch to app auth for authentication changes standard
Zacgoose May 18, 2026
1b1ee68
cache PowerShell enabled status and use cached data for standard
Zacgoose May 19, 2026
6b8ebd4
refactor calls to use new onepass method to store DB data
Zacgoose May 19, 2026
e3e82cd
Cache Security Defaults
Zacgoose May 19, 2026
9ba4871
correct incorrect default value
Zacgoose May 19, 2026
73f8371
add logging to geoip lookip
Zacgoose May 19, 2026
9fce7e7
feat: add in missing options for Windows Hello standard
kris6673 May 21, 2026
1e02bfc
feat(standards): add DLP via DCS standard
kris6673 May 21, 2026
cfa144d
Update Invoke-ListWorkerHealth.ps1
Zacgoose May 22, 2026
a89c2b9
Add Group-Based Licensing support
May 23, 2026
bb2ebc6
fix: Add missing options for Windows Hello standard (#2061)
KelvinTegelaar May 23, 2026
7fbb8ed
Feat: Split Intune device join and registration standards (#2057)
KelvinTegelaar May 23, 2026
77a4be6
fixes #6027
KelvinTegelaar May 23, 2026
4ab85c7
CIPP Hosted Notices
Zacgoose May 23, 2026
dcf382a
Update Build-DevApiModules.ps1
Zacgoose May 23, 2026
9bb2f6b
Update Build-DevApiModules.ps1
Zacgoose May 23, 2026
fa5f4de
remove sso setup from featureflag
JohnDuprey May 24, 2026
df84777
implement standards template deployment for intune apps
KelvinTegelaar May 24, 2026
08ab039
add filtering
KelvinTegelaar May 24, 2026
c81b6a5
add filtering
KelvinTegelaar May 24, 2026
33512c3
FIDO2 profile standards
KelvinTegelaar May 24, 2026
03abdad
add global var showing
KelvinTegelaar May 24, 2026
f09ce56
Update New-TeamsRequest.ps1
Zacgoose May 25, 2026
a0dab59
domain fixes
Zacgoose May 25, 2026
08b972c
timezone changes
Zacgoose May 25, 2026
d854e22
feat: add function to remove users from admin roles
kris6673 May 25, 2026
cb31997
Merge branch 'dev' of https://github.com/KelvinTegelaar/CIPP-API into…
KelvinTegelaar May 25, 2026
46015ce
Add APv2 profile
KelvinTegelaar May 25, 2026
05ce60f
Feat: Add function to remove users from admin roles (#2064)
KelvinTegelaar May 25, 2026
a7e30d7
feat: Add DLP via DCS standard (#2062)
KelvinTegelaar May 25, 2026
4214bc7
Fix: Fix missing OData path error in JSON response (#2054)
KelvinTegelaar May 25, 2026
a7b7d4d
feat: Add Apple ADE and Android enrollment profile endpoints (#2053)
KelvinTegelaar May 25, 2026
443e16a
feat: ability to add/remove nested groups in group memberships (#2056)
KelvinTegelaar May 25, 2026
71afcdd
ExoTransportConfig cache type - fix for missing data used in test suites
Zacgoose May 26, 2026
1e63ebf
Update Invoke-CIPPStandardsharingDomainRestriction.ps1
Zacgoose May 26, 2026
59a0e15
update application content type handling
Zacgoose May 26, 2026
e6b800b
remove rerun from alert
Zacgoose May 26, 2026
97dc672
user sync
Zacgoose May 26, 2026
359633a
fix: ensure tenant groups skips cache so they dont alternate anymore …
kris6673 May 26, 2026
49d629e
Update Get-CippApiAuth.ps1
Zacgoose May 26, 2026
22902b0
api fixes
Zacgoose May 26, 2026
5561a5b
Fix: tenant groups cache issue (#2065)
KelvinTegelaar May 26, 2026
95d48d1
Fix for desktop activations copilot ready test
Zacgoose May 27, 2026
a6fdfe2
Make all tenants list for SPO sites fast
Zacgoose May 27, 2026
122aec8
fix for template id casing
Zacgoose May 27, 2026
7d3b480
Update Invoke-CIPPStandardDefenderCompliancePolicy.ps1
Zacgoose May 27, 2026
4915301
use top 500 to minimise requests
Zacgoose May 27, 2026
c5b0e59
smart lockout standard
KelvinTegelaar May 27, 2026
c5a8a20
smart lockout standard
KelvinTegelaar May 27, 2026
f85963b
Sharepoint management functionality.
KelvinTegelaar May 27, 2026
b7d4f5e
Sharepoint management functionality.
KelvinTegelaar May 27, 2026
b7c7218
fix: update terminology from "Temporary Access Password" to "Temporar…
kris6673 May 27, 2026
8a536fe
Fix: Update terminology from "Temporary Access Password" to "Temporar…
KelvinTegelaar May 27, 2026
bdd8602
Add version cleanup
KelvinTegelaar May 27, 2026
e563aea
Merge branch 'dev' of https://github.com/KelvinTegelaar/CIPP-API into…
KelvinTegelaar May 27, 2026
829ced8
feat(mailboxes): cache mailbox and archive usage metrics
kris6673 May 27, 2026
0ebb188
implement autopatch
KelvinTegelaar May 27, 2026
e41d532
Update Add-CIPPDbItem.ps1
Zacgoose May 28, 2026
5b7c5a9
Update Invoke-ListWorkerHealth.ps1
Zacgoose May 28, 2026
aefa69b
add compliance admin by default
KelvinTegelaar May 28, 2026
25fcdc1
add 404 detection for non-existing roles
KelvinTegelaar May 28, 2026
25e2b0f
tweaks
Zacgoose May 28, 2026
99dd88c
optimisation
Zacgoose May 28, 2026
0cdc2e8
new auth methods single standard
KelvinTegelaar May 28, 2026
fc080e4
new auth methods single standard
KelvinTegelaar May 28, 2026
a1179a2
Merge branch 'dev' of https://github.com/KelvinTegelaar/CIPP-API into…
KelvinTegelaar May 28, 2026
55fea61
Feat: Add online archive report functionality for mailboxes (#2067)
KelvinTegelaar May 28, 2026
1f9fb1f
test invocation optimisations
Zacgoose May 28, 2026
1ac506d
fix: update endpoint roles to use Autopilot.Read
kris6673 May 28, 2026
3f03634
Update Initialize-CIPPAuth.ps1
Zacgoose May 29, 2026
e0f45f2
Backup excluded tenants config
Zacgoose May 29, 2026
e3d57cf
Update Invoke-CIPPStandardDeployCheckChromeExtension.ps1
Zacgoose May 29, 2026
a17137c
chore: remove cipp processor queue
JohnDuprey May 29, 2026
0fd3315
chore: disable cippcommand action
JohnDuprey May 29, 2026
e98445f
chore: sanitize cippid in public webhooks
JohnDuprey May 29, 2026
38e3ae9
chore: block arbitrary cmdlets not in CIPP modules
JohnDuprey May 29, 2026
c18bda8
fix: optimize checks
JohnDuprey May 29, 2026
c69e2ce
fix: allow for command without .value
JohnDuprey May 29, 2026
da7bd8c
chore: add devsecrets to restricted tables
JohnDuprey May 29, 2026
2ed3f94
chore: remove write host
JohnDuprey May 29, 2026
f5f3736
Optimize CIPP DB orchestration
Zacgoose May 30, 2026
7caadb2
fixes
Zacgoose May 30, 2026
11e613a
cleanup
Zacgoose May 30, 2026
dd8952e
reduce memory
Zacgoose May 30, 2026
518855c
test optimisation
Zacgoose May 30, 2026
999f028
Fix TenantAllowBlockListTemplate always reporting non-compliant
chris-dewey-1991 May 31, 2026
7b34160
update openapi spec with generated one
KelvinTegelaar May 31, 2026
4478065
Merge branch 'dev' of https://github.com/KelvinTegelaar/CIPP-API into…
KelvinTegelaar May 31, 2026
8341f49
Test
KelvinTegelaar May 31, 2026
26a87b2
add-member force
KelvinTegelaar May 31, 2026
2a2851b
sso auth
KelvinTegelaar May 31, 2026
acf4bf3
Add or update the Azure App Service build and deployment workflow config
KelvinTegelaar May 31, 2026
72f7882
fixes another add member
KelvinTegelaar May 31, 2026
fad627f
Merge branch 'dev' of https://github.com/KelvinTegelaar/CIPP-API into…
KelvinTegelaar May 31, 2026
54a3a08
api auth save and get changes
Zacgoose Jun 1, 2026
c16557f
Guarding for cache collection items
Zacgoose Jun 1, 2026
4b4a2d1
Update Set-CIPPDBCacheSharePointSiteUsage.ps1
Zacgoose Jun 1, 2026
f3393cb
Update Invoke-ExecUniversalSearchV2.ps1
Zacgoose Jun 1, 2026
9d8f1a0
correct incorrect pathing
Zacgoose Jun 1, 2026
a40683c
fix: access issues related to undefined roles
JohnDuprey Jun 1, 2026
3c19e62
fix: ip restriction logic
JohnDuprey Jun 1, 2026
648127f
fix: role for EditIntunePolicy
JohnDuprey Jun 1, 2026
679c390
fix: validate token exchange url is microsoft
JohnDuprey Jun 1, 2026
139b0c6
fix: sanitize more odata paths for tables
JohnDuprey Jun 1, 2026
a9797cd
chore: cleanup redundant tenant check in listexorequest
JohnDuprey Jun 1, 2026
ac33841
add featureflag for mcp
KelvinTegelaar Jun 1, 2026
468fb30
Merge branch 'dev' of https://github.com/KelvinTegelaar/CIPP-API into…
KelvinTegelaar Jun 1, 2026
235bd85
fix: validate and sanitize msp/choco app params
JohnDuprey Jun 1, 2026
256e9fc
Merge branch 'dev' of https://github.com/KelvinTegelaar/CIPP-API into…
JohnDuprey Jun 1, 2026
0c5d2bb
Fix TenantAllowBlockListTemplate always reporting non-compliant (#2069)
KelvinTegelaar Jun 1, 2026
55a97db
added logging
KelvinTegelaar Jun 1, 2026
0c54cd1
fix: move New-CIPPCoreRequest back to CIPPCore
JohnDuprey Jun 1, 2026
5a3b425
fix: Update endpoint roles to use Autopilot.Read (#2068)
KelvinTegelaar Jun 1, 2026
2492ad4
customsubject fix
KelvinTegelaar Jun 1, 2026
2875214
unique
KelvinTegelaar Jun 1, 2026
3f9dbd9
new licence report endpoint and revert old endpoint
Zacgoose Jun 1, 2026
3f842ab
fix: explicitly remove tenant from the table instead of using -cleanold
JohnDuprey Jun 2, 2026
55ddb18
Update Invoke-ExecTestRun.ps1
Zacgoose Jun 2, 2026
1167ff5
caching bump
Zacgoose Jun 3, 2026
6eeb31b
Pluralize standard name and continue on error
Zacgoose Jun 3, 2026
058da5e
rework mail contact standard and lazy load modules when needed
Zacgoose Jun 3, 2026
2edc759
Handle PendingAcceptance guests and update reporting
Zacgoose Jun 3, 2026
64efbd9
Apply multiple fixes to the add member to exo groups flow including a…
Zacgoose Jun 3, 2026
a9be272
Update Invoke-CIPPStandardEnableExchangeCloudManagement.ps1
Zacgoose Jun 3, 2026
3e99e66
add mcp allowed
KelvinTegelaar Jun 3, 2026
a2c2524
oauth prm
KelvinTegelaar Jun 3, 2026
1fc4263
feat: add Email as alternate login ID standard
kris6673 Jun 3, 2026
5c81043
change resource usage to craft well known
KelvinTegelaar Jun 3, 2026
6fc7d35
Revert custom well known
KelvinTegelaar Jun 3, 2026
0cd6f9d
MCP client updates to support client auth
KelvinTegelaar Jun 3, 2026
ec2eb83
add logging to mcp reation.
KelvinTegelaar Jun 3, 2026
49e8af8
feat: add Invoke-ExecSetCASMailbox function for CAS settings management
kris6673 Jun 3, 2026
2350636
add tot non-ng
KelvinTegelaar Jun 3, 2026
72c277d
Allow MCP client
KelvinTegelaar Jun 3, 2026
7800b3c
Fix
KelvinTegelaar Jun 3, 2026
77073ba
role change
KelvinTegelaar Jun 3, 2026
bc6aee4
fix: quarantine deny action
JohnDuprey Jun 4, 2026
4288bd8
exclude partner tenant
Zacgoose Jun 4, 2026
adba8fa
add excludeFromAlert to licenses.
KelvinTegelaar Jun 4, 2026
9a176cc
feat: Add Group-Based Licensing support (#2063)
KelvinTegelaar Jun 4, 2026
593911e
Feat: Add Invoke-ExecSetCASMailbox function for CAS settings manageme…
KelvinTegelaar Jun 4, 2026
a8e7aa5
Feat: Add Email as alternate login ID standard (#2075)
KelvinTegelaar Jun 4, 2026
2b3a7bb
resolves #6096
KelvinTegelaar Jun 4, 2026
ae92127
Merge branch 'dev' of https://github.com/KelvinTegelaar/CIPP-API into…
KelvinTegelaar Jun 4, 2026
53db433
better descriptions
KelvinTegelaar Jun 4, 2026
c7cebfe
better descriptions
KelvinTegelaar Jun 4, 2026
6a1c373
fixes issue with all tenants retrieval
KelvinTegelaar Jun 4, 2026
4909e9c
dbcache desc
KelvinTegelaar Jun 4, 2026
3ca5887
updated descriptions.
KelvinTegelaar Jun 4, 2026
7902097
add missing return
KelvinTegelaar Jun 4, 2026
65659c2
fix: remove headers parameter from scheduler details/list
JohnDuprey Jun 4, 2026
c5d1558
fix: version check
JohnDuprey Jun 4, 2026
c584938
fix: fallback to app version if one is not specified
JohnDuprey Jun 5, 2026
d4ddd3d
fix: additional protections for choco app deployment
JohnDuprey Jun 5, 2026
2bbcfcc
This endpoint is silly, we are going to manually try paging
Zacgoose Jun 5, 2026
90e45ea
pass timing to stop queue rerun protection drift
Zacgoose Jun 5, 2026
3fa0ee6
Pipe character escaping in names
Zacgoose Jun 5, 2026
2b3a1c8
Fix for manually run standards being excluded from applied standards …
Zacgoose Jun 5, 2026
4435ea3
CA expansion for tags
KelvinTegelaar Jun 5, 2026
9cab066
CA expansion for tags
KelvinTegelaar Jun 5, 2026
2b093c3
fixes issue with CA compare and a weird blank line
KelvinTegelaar Jun 5, 2026
f7f51cc
remove duplicate non gated cache collection items
Zacgoose Jun 5, 2026
ed47810
Update Test-CIPPAccess.ps1
Zacgoose Jun 5, 2026
c040658
Update FeatureFlags.json
Zacgoose Jun 5, 2026
612ba54
Update Get-CIPPTenantAlignment.ps1
Zacgoose Jun 5, 2026
f0f361d
restart helper
Zacgoose Jun 5, 2026
961462f
fix: role assignment checks
JohnDuprey Jun 5, 2026
503eac5
fix: apps and services test
JohnDuprey Jun 5, 2026
ee1884f
add permissions for new settings endpoint
JohnDuprey Jun 5, 2026
d817b6d
fix: cis test 1_3_5
JohnDuprey Jun 5, 2026
da10bf9
renumber for cis7
KelvinTegelaar Jun 5, 2026
5df315b
improved open api spec for ai
KelvinTegelaar Jun 6, 2026
65ba7a7
embed module into pipeline actions
Zacgoose Jun 7, 2026
431d292
extra module dep
Zacgoose Jun 7, 2026
336909e
extra module dep
Zacgoose Jun 7, 2026
d3d9892
cache middleware changes
Zacgoose Jun 7, 2026
ddc264a
Update Invoke-CippTestGenericTest002.ps1
Zacgoose Jun 8, 2026
2a63cfc
Update Get-CIPPAlertQuotaUsed.ps1
Zacgoose Jun 8, 2026
64f30df
Update Start-DurableCleanup.ps1
Zacgoose Jun 8, 2026
34112ff
temporary 1 day to clear old ips
KelvinTegelaar Jun 8, 2026
bfb0c17
tools update
KelvinTegelaar Jun 8, 2026
e4455d3
Merge branch 'dev' of https://github.com/KelvinTegelaar/CIPP-API into…
KelvinTegelaar Jun 8, 2026
a52f002
10.5.0 version up
KelvinTegelaar Jun 8, 2026
b36a32b
shuffle file locations
Zacgoose Jun 8, 2026
fc76e11
sso app repair and fix migration failures
Zacgoose Jun 8, 2026
c0f663c
fix: update role and fix variable casing in message trace function
kris6673 Jun 8, 2026
3e33fdb
fix: more robust conversion for EnableAutoTrim setting
kris6673 Jun 8, 2026
3f9aab0
api version file fixes
Zacgoose Jun 9, 2026
2138ec6
Fix: Improve conversion for EnableAutoTrim setting (#2084)
KelvinTegelaar Jun 9, 2026
c215631
Fix: Message trace role and variable casing in message trace function…
KelvinTegelaar Jun 9, 2026
2925643
push endpoint over to export job endpoint
Zacgoose Jun 9, 2026
b79c296
sherweb migration fixes
KelvinTegelaar Jun 9, 2026
280b3b9
fix: add CippExtensions to allowlist
JohnDuprey Jun 9, 2026
8f1069c
Merge branch 'dev' of https://github.com/KelvinTegelaar/CIPP-API into…
JohnDuprey Jun 9, 2026
2511c6e
add limits for tools copilot studio
KelvinTegelaar Jun 9, 2026
6c897f5
fixes group addition in user page and vacation mode
Zacgoose Jun 9, 2026
39e1a34
chore: bump version to 10.5.1
JohnDuprey Jun 9, 2026
64836c0
fix: rerun detection on scheduled tasks
JohnDuprey Jun 9, 2026
9dd0e56
Update Invoke-ListTenantAlignment.ps1
Zacgoose Jun 10, 2026
a0a7985
Update Invoke-ListTenantAlignment.ps1
Zacgoose Jun 10, 2026
e8d1342
audit log detailed logging for debugging
Zacgoose Jun 10, 2026
b8fefcf
Update Invoke-ExecMcp.ps1
Zacgoose Jun 10, 2026
83b1303
bulk request next link following
Zacgoose Jun 10, 2026
9f0bacd
manual pagination support for Invoke-ListMailQuarantine
Zacgoose Jun 10, 2026
cc84a49
Fix ORCA104
Zacgoose Jun 10, 2026
8cd8d1d
Fix for ORCA107 and add Exchange Global Quarantine policy to cache
Zacgoose Jun 10, 2026
238001c
Update policy based on MS and Orca guidance
Zacgoose Jun 10, 2026
0640f07
Fixes ORCA179
Zacgoose Jun 10, 2026
db3de75
Fixes ORCA244
Zacgoose Jun 10, 2026
a556b98
Fixes ORCA113
Zacgoose Jun 10, 2026
cbcc61b
Fixes ORCA103
Zacgoose Jun 10, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
The table of contents is too big for display.
Diff view
Diff view
  •  
  •  
  •  
32 changes: 32 additions & 0 deletions .github/workflows/dev_cippjta72.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,32 @@
# Docs for the Azure Web Apps Deploy action: https://github.com/azure/functions-action
# More GitHub Actions for Azure: https://github.com/Azure/actions

name: Build and deploy Powershell project to Azure Function App - cippjta72

on:
push:
branches:
- dev
workflow_dispatch:

env:
AZURE_FUNCTIONAPP_PACKAGE_PATH: '.' # set this to the path to your web app project, defaults to the repository root

jobs:
deploy:
runs-on: ubuntu-latest

steps:
- name: 'Checkout GitHub Action'
uses: actions/checkout@v4

- name: 'Run Azure Functions Action'
uses: Azure/functions-action@v1
id: fa
with:
app-name: 'cippjta72'
slot-name: 'Production'
package: ${{ env.AZURE_FUNCTIONAPP_PACKAGE_PATH }}
publish-profile: ${{ secrets.AZUREAPPSERVICE_PUBLISHPROFILE_1EBE9D73F9EC4528BA666FC934055536 }}
sku: 'flexconsumption'

10 changes: 10 additions & 0 deletions Config/CIPPDBCacheTypes.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -214,6 +214,11 @@
"friendlyName": "Exchange Quarantine Policy",
"description": "Exchange Online quarantine policy"
},
{
"type": "ExoGlobalQuarantinePolicy",
"friendlyName": "Exchange Global Quarantine Policy",
"description": "Exchange Online tenant-wide Global Quarantine policy (end-user notification settings)"
},
{
"type": "ExoRemoteDomain",
"friendlyName": "Exchange Remote Domain",
Expand Down Expand Up @@ -363,5 +368,10 @@
"type": "CopilotUserCountTrend",
"friendlyName": "Copilot User Count Trend",
"description": "Daily Copilot active user count trend (7-day period)"
},
{
"type": "ExoTransportConfig",
"friendlyName": "Exchange Transport Config",
"description": "Exchange Online transport configuration including SMTP authentication settings"
}
]
27 changes: 19 additions & 8 deletions Config/CIPPTimers.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -17,14 +17,6 @@
"RunOnProcessor": true,
"PreferredProcessor": "usertasks"
},
{
"Id": "168decf3-7ddd-471e-ab46-8b40be0f18ae",
"Command": "Start-CIPPProcessorQueue",
"Description": "Timer to handle user initiated tasks",
"Cron": "0 */15 * * * *",
"Priority": 1,
"RunOnProcessor": true
},
{
"Id": "44a40668-ed71-403c-8c26-b32e320086ad",
"Command": "Start-AuditLogOrchestrator",
Expand Down Expand Up @@ -245,6 +237,16 @@
"TZOffset": true,
"IsSystem": true
},
{
"Id": "5e8a9b4c-2d6f-4a3e-b7c1-9d0e5f3a8b2c",
"Command": "Start-IntuneReportExportOrchestrator",
"Description": "Submit Intune report-export jobs ahead of nightly DB cache run",
"Cron": "0 0 2 * * *",
"Priority": 22,
"RunOnProcessor": true,
"TZOffset": true,
"IsSystem": true
},
{
"Id": "9a7f8e6d-5c4b-3a2d-1e0f-9b8c7d6e5f4a",
"Command": "Start-CIPPDBCacheOrchestrator",
Expand Down Expand Up @@ -273,5 +275,14 @@
"Priority": 30,
"RunOnProcessor": false,
"IsSystem": true
},
{
"Id": "7e2a9b4c-1d5f-4a8e-b3c6-0f9d2e7a4b1c",
"Command": "Start-UserSyncTimer",
"Description": "Sync partner tenant users and group-based roles into allowedUsers table",
"Cron": "0 */15 * * * *",
"Priority": 11,
"RunOnProcessor": false,
"IsSystem": true
}
]
21 changes: 17 additions & 4 deletions Config/FeatureFlags.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -32,16 +32,29 @@
"Endpoints": [
"ExecCIPPUsers",
"ListCIPPUsers",
"ExecSSOSetup",
"ExecContainerManagement",
"ListContainerLogs"
"ListContainerLogs",
"ListWorkerHealth"
],
"Pages": [
"/cipp/advanced/super-admin/cipp-users",
"/cipp/advanced/super-admin/sso",
"/cipp/advanced/super-admin/container",
"/cipp/advanced/container-logs"
"/cipp/advanced/container-logs",
"/cipp/advanced/worker-health"
],
"Hidden": true
},
{
"Id": "MCPServer",
"Name": "MCP Server",
"Description": "Model Context Protocol (MCP) server endpoint that exposes CIPP's read-only API surface as tools for AI clients. Disabled by default; enable to allow MCP access.",
"Enabled": false,
"AllowUserToggle": true,
"Timers": [],
"Endpoints": [
"ExecMcp"
],
"Pages": [],
"Hidden": false
}
]
117 changes: 71 additions & 46 deletions Config/SAMManifest.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -10,20 +10,7 @@
"http://localhost:8400"
]
},
"servicePrincipalLockConfiguration": {
"isEnabled": true,
"allProperties": true
},
"requiredResourceAccess": [
{
"resourceAppId": "c5393580-f805-4401-95e8-94b7a6ef2fc2",
"resourceAccess": [
{
"id": "594c1fb6-4f81-4475-ae41-0c394909246c",
"type": "Scope"
}
]
},
{
"resourceAppId": "aeb86249-8ea3-49e2-900b-54cc8e308f85",
"resourceAccess": [
Expand All @@ -48,6 +35,10 @@
"id": "5e1e9171-754d-478c-812c-f1755a9a4c2d",
"type": "Role"
},
{
"id": "57f1cf28-c0c4-4ec3-9a30-19a2eaaf2f6e",
"type": "Role"
},
{
"id": "f3a65bd4-b703-46df-8f7e-0174fea562aa",
"type": "Role"
Expand All @@ -60,6 +51,10 @@
"id": "35930dcf-aceb-4bd1-b99a-8ffed403c974",
"type": "Role"
},
{
"id": "c8948c23-e66b-42db-83fd-770b71ab78d2",
"type": "Role"
},
{
"id": "cac88765-0581-4025-9725-5ebc13f729ee",
"type": "Role"
Expand Down Expand Up @@ -92,10 +87,6 @@
"id": "9255e99d-faf5-445e-bbf7-cb71482737c4",
"type": "Role"
},
{
"id": "8b9d79d0-ad75-4566-8619-f7500ecfcebe",
"type": "Scope"
},
{
"id": "5ac13192-7ace-4fcf-b828-1a26f28068ee",
"type": "Role"
Expand All @@ -116,6 +107,10 @@
"id": "75359482-378d-4052-8f01-80520e7db3cd",
"type": "Role"
},
{
"id": "2d9bd318-b883-40be-9df7-63ec4fcdc424",
"type": "Role"
},
{
"id": "bf7b1a76-6e77-406b-b258-bf5c7720e98f",
"type": "Role"
Expand Down Expand Up @@ -224,6 +219,14 @@
"id": "4437522e-9a86-4a41-a7da-e380edd4a97d",
"type": "Role"
},
{
"id": "0a42382f-155c-4eb1-9bdc-21548ccaa387",
"type": "Role"
},
{
"id": "a94a502d-0281-4d15-8cd2-682ac9362c4c",
"type": "Role"
},
{
"id": "741f803b-c850-494e-b5df-cde7c675a1ca",
"type": "Role"
Expand All @@ -232,6 +235,10 @@
"id": "50483e42-d915-4231-9639-7fdb7fd190e5",
"type": "Role"
},
{
"id": "d72bdbf4-a59b-405c-8b04-5995895819ac",
"type": "Role"
},
{
"id": "bdfbf15f-ee85-4955-8675-146e8e5296b5",
"type": "Scope"
Expand Down Expand Up @@ -332,6 +339,10 @@
"id": "0c5e8a55-87a6-4556-93ab-adc52c4d862d",
"type": "Scope"
},
{
"id": "8b9d79d0-ad75-4566-8619-f7500ecfcebe",
"type": "Scope"
},
{
"id": "662ed50a-ac44-4eef-ad86-62eed9be2a29",
"type": "Scope"
Expand Down Expand Up @@ -400,6 +411,10 @@
"id": "46ca0847-7e6b-426e-9775-ea810a948356",
"type": "Scope"
},
{
"id": "1e9b7a7e-4d64-44ff-acf5-2e9651c1519f",
"type": "Scope"
},
{
"id": "346c19ff-3fb2-4e81-87a0-bac9e33990c1",
"type": "Scope"
Expand Down Expand Up @@ -528,6 +543,10 @@
"id": "b98bfd41-87c6-45cc-b104-e2de4f0dafb9",
"type": "Scope"
},
{
"id": "424b07a8-1209-4d17-9fe4-9018a93a1024",
"type": "Scope"
},
{
"id": "cac97e40-6730-457d-ad8d-4852fddab7ad",
"type": "Scope"
Expand All @@ -551,38 +570,31 @@
{
"id": "b7887744-6746-4312-813d-72daeaee7e2d",
"type": "Scope"
},
}
]
},
{
"resourceAppId": "fa3d9a0c-3fb0-42cc-9193-47c7ecd2edbd",
"resourceAccess": [
{
"id": "424b07a8-1209-4d17-9fe4-9018a93a1024",
"id": "1cebfa2a-fb4d-419e-b5f9-839b4383e05a",
"type": "Scope"
},
{
"id": "0a42382f-155c-4eb1-9bdc-21548ccaa387",
"type": "Role"
},
{
"id": "2d9bd318-b883-40be-9df7-63ec4fcdc424",
"type": "Role"
},
}
]
},
{
"resourceAppId": "00000012-0000-0000-c000-000000000000",
"resourceAccess": [
{
"id": "c8948c23-e66b-42db-83fd-770b71ab78d2",
"id": "e23bd57d-bfd5-4906-867f-89fb5ed8cd43",
"type": "Role"
},
{
"id": "a94a502d-0281-4d15-8cd2-682ac9362c4c",
"id": "7347eb49-7a1a-43c5-8eac-a5cd1d1c7cf0",
"type": "Role"
},
{
"id": "d72bdbf4-a59b-405c-8b04-5995895819ac",
"type": "Role"
}
]
},
{
"resourceAppId": "fa3d9a0c-3fb0-42cc-9193-47c7ecd2edbd",
"resourceAccess": [
{
"id": "1cebfa2a-fb4d-419e-b5f9-839b4383e05a",
"id": "c9c9a04d-3b66-4ca8-a00c-fca953e2afd3",
"type": "Scope"
}
]
Expand All @@ -591,23 +603,23 @@
"resourceAppId": "00000002-0000-0ff1-ce00-000000000000",
"resourceAccess": [
{
"id": "dc50a0fb-09a3-484d-be87-e023b12c6440",
"id": "ef54d2bf-783f-4e0f-bca1-3210c0444d99",
"type": "Role"
},
{
"id": "ef54d2bf-783f-4e0f-bca1-3210c0444d99",
"id": "dc50a0fb-09a3-484d-be87-e023b12c6440",
"type": "Role"
},
{
"id": "f9156939-25cd-4ba8-abfe-7fabcf003749",
"type": "Role"
},
{
"id": "ab4f2b77-0b06-4fc1-a9de-02113fc2ab7c",
"id": "bbd1ca91-75e0-4814-ad94-9c5dbbae3415",
"type": "Scope"
},
{
"id": "bbd1ca91-75e0-4814-ad94-9c5dbbae3415",
"id": "ab4f2b77-0b06-4fc1-a9de-02113fc2ab7c",
"type": "Scope"
},
{
Expand All @@ -616,6 +628,15 @@
}
]
},
{
"resourceAppId": "c5393580-f805-4401-95e8-94b7a6ef2fc2",
"resourceAccess": [
{
"id": "594c1fb6-4f81-4475-ae41-0c394909246c",
"type": "Scope"
}
]
},
{
"resourceAppId": "00000003-0000-0ff1-ce00-000000000000",
"resourceAccess": [
Expand Down Expand Up @@ -647,5 +668,9 @@
}
]
}
]
}
],
"servicePrincipalLockConfiguration": {
"isEnabled": true,
"allProperties": true
}
}
Loading