From 1ebc51ffc062a13b694684bb1f056b62a6a5e5ca Mon Sep 17 00:00:00 2001
From: harshku-ms <66018182+harshku-ms@users.noreply.github.com>
Date: Wed, 27 May 2020 19:02:07 +0530
Subject: [PATCH] Adding permissions for M365 Auditing API

Work-item: https://microsoftgraph.visualstudio.com/onboarding/_workitems/edit/4852/

M365 needs to capture various user, admin, system, and policy actions and events to create new or enhance existing operations, security, and compliance-monitoring solutions for the enterprises.
Example, MIP-enabled applications on client devices need to send sensitivity-label-related audit data to a central auditing backend so that administrators can get insights about usage, adoption and efficiency of configured policies for sensitivity labels in their organization, and build advanced reports of their own specific to their needs.
---
 src/app/scopes-dialog/scopes.ts | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/src/app/scopes-dialog/scopes.ts b/src/app/scopes-dialog/scopes.ts
index 56b36492..91852151 100644
--- a/src/app/scopes-dialog/scopes.ts
+++ b/src/app/scopes-dialog/scopes.ts
@@ -1023,5 +1023,12 @@ export const PermissionScopes: IPermissionScope[] = [
     longDescription: 'Allows the app to read and write authentication methods of all users in your organization that the signed-in user has access to. Authentication methods include things like a user\'s phone numbers and Authenticator app settings. This does not allow the app to see secret information like passwords, or to sign-in or otherwise use the authentication methods.',
     preview: true,
     admin: true
+  },
+  {
+    name: 'AuditLog.Create',
+    description: 'Create audit logs for user actions',
+    longDescription: 'Allows the app to create and send audit logs for the actions performed by the signed-in user.',
+    preview: true,
+    admin: true
   }
 ];