starred/CIPP

Fork 0

mirror of https://github.com/KelvinTegelaar/CIPP.git synced 2026-04-25 16:26:09 +03:00

[GH-ISSUE #4702] [Feature Request]: Documentation for CIPP Roles #2189

New issue

Closed

opened 2026-03-02 13:50:18 +03:00 by kerem · 3 comments

kerem commented

2026-03-02 13:50:18 +03:00

Owner

Originally created by @guhri88 on GitHub (Sep 26, 2025).
Original GitHub issue: https://github.com/KelvinTegelaar/CIPP/issues/4702

Originally assigned to: @Zacgoose on GitHub.

Please confirm:

I have searched existing feature requests (open and closed) and found no duplicates.
**me or my organization is currently an active sponsor of the product at the $99,- level.

Problem Statement

The documentation for CIPP Roles and API permissions is very sparse (almost nonexistent). It would be useful to have a more human readable explanation for what each of the API permissions relates to, at the very least, the CIPP permissions, as they are not as well known as the various Microsoft ones would be. I see that the API Endpoints are listed there, but that doesn't always shine enough light on what the actual effect is, especially for the CIPP. permissions (other than CIPP.SuperAdmin, which is pretty clear).

Benefits for MSPs

Setting up custom roles is necessary for least privilege access control. Having more readable documentation for what each of the various API permissions in the CIPP Roles do rather than just the API names would make it much easier to appropriately customize these, especially for the CIPP specific ones (e..g., what does CIPP.Core cover, or CIPP.Extension?)

CIPP.Alert
CIPP.AppSettings
CIPP.Backup
CIPP.Core
CIPP.Extension
CIPP.Scheduler
CIPP.Standards
CIPP.SuperAdmin

Value or Importance

This would make it much easier to determine which permissions to dole out, rather than trying to decipher what each CIPP permission (and in some cases, Microsoft permissions) actually does.

PowerShell Commands (Optional)

No response

Originally created by @guhri88 on GitHub (Sep 26, 2025). Original GitHub issue: https://github.com/KelvinTegelaar/CIPP/issues/4702 Originally assigned to: @Zacgoose on GitHub. ### Please confirm: - [x] **I have searched existing feature requests** (open and closed) and found no duplicates. - [x] **me or my organization is currently an active sponsor of the product at the $99,- level. ### Problem Statement The documentation for CIPP Roles and API permissions is very sparse (almost nonexistent). It would be useful to have a more human readable explanation for what each of the API permissions relates to, at the very least, the CIPP permissions, as they are not as well known as the various Microsoft ones would be. I see that the API Endpoints are listed there, but that doesn't always shine enough light on what the actual effect is, especially for the CIPP. permissions (other than CIPP.SuperAdmin, which is pretty clear). ### Benefits for MSPs Setting up custom roles is necessary for least privilege access control. Having more readable documentation for what each of the various API permissions in the CIPP Roles do rather than just the API names would make it much easier to appropriately customize these, especially for the CIPP specific ones (e..g., what does CIPP.Core cover, or CIPP.Extension?) CIPP.Alert CIPP.AppSettings CIPP.Backup CIPP.Core CIPP.Extension CIPP.Scheduler CIPP.Standards CIPP.SuperAdmin ### Value or Importance This would make it much easier to determine which permissions to dole out, rather than trying to decipher what each CIPP permission (and in some cases, Microsoft permissions) actually does. ### PowerShell Commands (Optional) _No response_

kerem

2026-03-02 13:50:18 +03:00

closed this issue
added the
enhancement

no-priority

not-assigned
labels

kerem commented

2026-03-02 13:50:19 +03:00

Author

Owner

@Zacgoose commented on GitHub (Sep 27, 2025):

I would like to work on this please!

@Zacgoose commented on GitHub (Sep 27, 2025): I would like to work on this please!

kerem commented

2026-03-02 13:50:20 +03:00

Author

Owner

@github-actions[bot] commented on GitHub (Sep 27, 2025):

Great! I assigned you (@Zacgoose) to the issue. Have fun working on it!

@github-actions[bot] commented on GitHub (Sep 27, 2025): Great! I assigned you (@Zacgoose) to the issue. Have fun working on it!

kerem commented

2026-03-02 13:50:20 +03:00

Author

Owner

@KelvinTegelaar commented on GitHub (Sep 27, 2025):

Added descriptions in dev

@KelvinTegelaar commented on GitHub (Sep 27, 2025): Added descriptions in dev

No milestone

No project

No assignees

1 participant

Notifications

Due date

The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference

starred/CIPP#2189

No description provided.

Rows
Columns