docs: Document container type owner capabilities in SPE auth page#10751
Conversation
PoliCheck Scan ReportThe following report lists PoliCheck issues in PR files. Before you merge the PR, you must fix all severity-1 and severity-2 issues. The AI Review Details column lists suggestions for either removing or replacing the terms. If you find a false positive result, mention it in a PR comment and include this text: #policheck-false-positive. This feedback helps reduce false positives in future scans. ✅ No issues foundMore information about PoliCheckInformation: PoliCheck | Severity Guidance | Term |
|
Learn Build status updates of commit eba7abc: ✅ Validation status: passed
For more details, please refer to the build report. |
gnjoseph
force-pushed
the
grjoseph/spe-auth-ct-owner-capabilities
branch
from
eba7abc to
875ea76
Compare
PoliCheck Scan ReportThe following report lists PoliCheck issues in PR files. Before you merge the PR, you must fix all severity-1 and severity-2 issues. The AI Review Details column lists suggestions for either removing or replacing the terms. If you find a false positive result, mention it in a PR comment and include this text: #policheck-false-positive. This feedback helps reduce false positives in future scans. ✅ No issues foundMore information about PoliCheckInformation: PoliCheck | Severity Guidance | Term |
|
Learn Build status updates of commit 875ea76: ✅ Validation status: passed
For more details, please refer to the build report. |
gnjoseph
force-pushed
the
grjoseph/spe-auth-ct-owner-capabilities
branch
from
875ea76 to
a347add
Compare
|
Learn Build status updates of commit a347add: ✅ Validation status: passed
For more details, please refer to the build report. |
PoliCheck Scan ReportThe following report lists PoliCheck issues in PR files. Before you merge the PR, you must fix all severity-1 and severity-2 issues. The AI Review Details column lists suggestions for either removing or replacing the terms. If you find a false positive result, mention it in a PR comment and include this text: #policheck-false-positive. This feedback helps reduce false positives in future scans. ✅ No issues foundMore information about PoliCheckInformation: PoliCheck | Severity Guidance | Term |
gnjoseph
force-pushed
the
grjoseph/spe-auth-ct-owner-capabilities
branch
from
a347add to
fc0d26f
Compare
|
Learn Build status updates of commit fc0d26f: ✅ Validation status: passed
For more details, please refer to the build report. |
PoliCheck Scan ReportThe following report lists PoliCheck issues in PR files. Before you merge the PR, you must fix all severity-1 and severity-2 issues. The AI Review Details column lists suggestions for either removing or replacing the terms. If you find a false positive result, mention it in a PR comment and include this text: #policheck-false-positive. This feedback helps reduce false positives in future scans. ✅ No issues foundMore information about PoliCheckInformation: PoliCheck | Severity Guidance | Term |
|
|
||
| [SharePoint Embedded Administrators](/entra/identity/role-based-access-control/permissions-reference#sharepoint-embedded-administrator) can manage all SharePoint Embedded applications created in the **owning** tenant. Additionally, any Microsoft Entra user that isn't an external identity can be assigned as an owner of a [container type](/graph/api/resources/filestoragecontainertype). Container type owners can manage that specific container type. To learn more about managing applications created in the owning tenant, see [SharePoint Embedded developer administrator](../administration/developer-admin/dev-admin.md). | ||
|
|
||
| ##### Container type owner capabilities |
There was a problem hiding this comment.
This was feedback given to me on this same article :)
|
|
||
| ##### Container type owner capabilities | ||
|
|
||
| Container type owners are managed through the [permissions](/graph/api/filestoragecontainertype-post-permissions) navigation property on the `fileStorageContainerType` resource. Each permission entry has a role of `owner` and identifies the user via `grantedToV2`. Owners can be managed in the following ways: |
There was a problem hiding this comment.
nit. Generally, a resource name is bolded instead if it's not linked. So like fileStorageContainerType or fileStorageContainerType.
There was a problem hiding this comment.
Updated to be linked
- Add container type owner capabilities subsection under owning tenant management - Document permissions navigation property (roles: owner, grantedToV2) - Document owner CRUD, permissions management, and container creation capabilities - Add cross-tenant caveat: owners are NOT propagated to consuming tenants - Add intersection model callout (app permissions x user permissions) - Add auto-assignment of creator as owner and guest user exclusion
gnjoseph
force-pushed
the
grjoseph/spe-auth-ct-owner-capabilities
branch
from
fc0d26f to
8c33550
Compare
|
Learn Build status updates of commit 8c33550: ✅ Validation status: passed
For more details, please refer to the build report. |
PoliCheck Scan ReportThe following report lists PoliCheck issues in PR files. Before you merge the PR, you must fix all severity-1 and severity-2 issues. The AI Review Details column lists suggestions for either removing or replacing the terms. If you find a false positive result, mention it in a PR comment and include this text: #policheck-false-positive. This feedback helps reduce false positives in future scans. ✅ No issues foundMore information about PoliCheckInformation: PoliCheck | Severity Guidance | Term |
- use "three" instead of "3" for owner limit
- replace "can perform" with "can do"
- use contractions ("can't", "don't") per style guide
PoliCheck Scan ReportThe following report lists PoliCheck issues in PR files. Before you merge the PR, you must fix all severity-1 and severity-2 issues. The AI Review Details column lists suggestions for either removing or replacing the terms. If you find a false positive result, mention it in a PR comment and include this text: #policheck-false-positive. This feedback helps reduce false positives in future scans. ✅ No issues foundMore information about PoliCheckInformation: PoliCheck | Severity Guidance | Term |
|
Learn Build status updates of commit 26683c8: ✅ Validation status: passed
For more details, please refer to the build report. |
There was a problem hiding this comment.
"403 forbidden" isn't code, shouldn't be inline code formatted
| Container type owners are managed through the [permissions](/graph/api/filestoragecontainertype-post-permissions) navigation property on the [fileStorageContainerType](/graph/api/resources/filestoragecontainertype) resource. Each permission entry has a role of `owner` and identifies the user via `grantedToV2`. Owners can be managed in the following ways: | ||
|
|
||
| - **Automatic assignment**: The user who [creates a container type](/graph/api/filestorage-post-containertypes) is automatically assigned as an owner. | ||
| - **Add owners**: Use [POST /containerTypes/{id}/permissions](/graph/api/filestoragecontainertype-post-permissions) to add up to three owners per container type. |
There was a problem hiding this comment.
These references should be formatted as inline code.
There was a problem hiding this comment.
Numerous places throughout this doc, permissions are not consistently referenced. Some are text, some are formatted as inline code. Some aren't linked, some are linked to the permissions.
Permissions aren't code and shouldn't be formatted as such. Also, either link to all or don't link to any - be consistent.
PoliCheck Scan ReportThe following report lists PoliCheck issues in PR files. Before you merge the PR, you must fix all severity-1 and severity-2 issues. The AI Review Details column lists suggestions for either removing or replacing the terms. If you find a false positive result, mention it in a PR comment and include this text: #policheck-false-positive. This feedback helps reduce false positives in future scans. ✅ No issues foundMore information about PoliCheckInformation: PoliCheck | Severity Guidance | Term |
|
Learn Build status updates of commit 0368192: ✅ Validation status: passed
For more details, please refer to the build report. |
- bold permission names and convert to hyperlinks - wrap API paths in inline code with links - fix nested list indentation in next steps - add blank lines before/after note callouts - bold "403 Forbidden" response code reference
andrewconnell
force-pushed
the
grjoseph/spe-auth-ct-owner-capabilities
branch
from
0368192 to
766e9d2
Compare
PoliCheck Scan ReportThe following report lists PoliCheck issues in PR files. Before you merge the PR, you must fix all severity-1 and severity-2 issues. The AI Review Details column lists suggestions for either removing or replacing the terms. If you find a false positive result, mention it in a PR comment and include this text: #policheck-false-positive. This feedback helps reduce false positives in future scans. ✅ No issues foundMore information about PoliCheckInformation: PoliCheck | Severity Guidance | Term |
|
Learn Build status updates of commit 766e9d2: ✅ Validation status: passed
For more details, please refer to the build report. |
andrewconnell
added
pr:ready-to-merge
3 participants
Category
What's in this Pull Request?
Documents the shipped container type owner capabilities in the SharePoint Embedded authentication and authorization page: