From fbd264e0d6775f058ef78dcb8fe0458c95283849 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Lu=C3=ADs=20Pinto?= <Luspin@microsoft.com>
Date: Tue, 21 Oct 2025 11:54:25 +0100
Subject: [PATCH 01/10] Enhance webLink field description in message.md

Expanded the description for the webLink field to include information about delegate permissions and database region restrictions.
---
 api-reference/v1.0/resources/message.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/api-reference/v1.0/resources/message.md b/api-reference/v1.0/resources/message.md
index 91ceff1b8f2..62b778ecb93 100644
--- a/api-reference/v1.0/resources/message.md
+++ b/api-reference/v1.0/resources/message.md
@@ -88,7 +88,7 @@ by providing a [delta](../api/message-delta.md) function.
 |subject|String|The subject of the message.|
 |toRecipients|[recipient](recipient.md) collection|The To: recipients for the message.|
 |uniqueBody|[itemBody](itembody.md)|The part of the body of the message that is unique to the current message. **uniqueBody** is not returned by default but can be retrieved for a given message by use of the `?$select=uniqueBody` query. It can be in HTML or text format.|
-|webLink|String|The URL to open the message in Outlook on the web.<br><br>You can append an ispopout argument to the end of the URL to change how the message is displayed. If ispopout is not present or if it is set to 1, then the message is shown in a popout window. If ispopout is set to 0, the browser shows the message in the Outlook on the web review pane.<br><br>The message opens in the browser if you are signed in to your mailbox via Outlook on the web. You are prompted to sign in if you are not already signed in with the browser.<br><br>This URL cannot be accessed from within an iFrame.|
+|webLink|String|The URL to open the message in Outlook on the web.<br><br>You can append an `ispopout` argument to the end of the URL to change how the message is displayed. If `ispopout` is not present or if it is set to `1`, then the message is shown in a popout window. If `ispopout` is set to `0`, the browser shows the message in the Outlook on the web review pane.<br><br>The message opens in the browser if you are signed in to your mailbox via Outlook on the web. You are prompted to sign in if you are not already signed in with the browser.<br><br>This URL cannot be accessed from within an iFrame.<br><br>**NOTE:** When leveraging this URL to access a message from a mailbox for which you have been assigned delegate permissions, then it must be ensured that both the currently logged in **and** the target mailbox belong to the same database region, i.e. an error will be returned when a user with a mailbox hosted in the EUR (Europe) region tries to access messages from a mailbox in the NAM (North-America) region.|
 
 
 ## Relationships

From 5415223b47ed33850e96b1d8511f44c5210fcbfa Mon Sep 17 00:00:00 2001
From: Danipocket <88507770+Danipocket@users.noreply.github.com>
Date: Thu, 23 Oct 2025 17:02:11 -0600
Subject: [PATCH 02/10] Apply suggestions from code review

Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
---
 api-reference/v1.0/resources/message.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/api-reference/v1.0/resources/message.md b/api-reference/v1.0/resources/message.md
index 62b778ecb93..b6a889c0926 100644
--- a/api-reference/v1.0/resources/message.md
+++ b/api-reference/v1.0/resources/message.md
@@ -88,7 +88,7 @@ by providing a [delta](../api/message-delta.md) function.
 |subject|String|The subject of the message.|
 |toRecipients|[recipient](recipient.md) collection|The To: recipients for the message.|
 |uniqueBody|[itemBody](itembody.md)|The part of the body of the message that is unique to the current message. **uniqueBody** is not returned by default but can be retrieved for a given message by use of the `?$select=uniqueBody` query. It can be in HTML or text format.|
-|webLink|String|The URL to open the message in Outlook on the web.<br><br>You can append an `ispopout` argument to the end of the URL to change how the message is displayed. If `ispopout` is not present or if it is set to `1`, then the message is shown in a popout window. If `ispopout` is set to `0`, the browser shows the message in the Outlook on the web review pane.<br><br>The message opens in the browser if you are signed in to your mailbox via Outlook on the web. You are prompted to sign in if you are not already signed in with the browser.<br><br>This URL cannot be accessed from within an iFrame.<br><br>**NOTE:** When leveraging this URL to access a message from a mailbox for which you have been assigned delegate permissions, then it must be ensured that both the currently logged in **and** the target mailbox belong to the same database region, i.e. an error will be returned when a user with a mailbox hosted in the EUR (Europe) region tries to access messages from a mailbox in the NAM (North-America) region.|
+|webLink|String|The URL to open the message in Outlook on the web.<br><br>You can append an `ispopout` argument to the end of the URL to change how the message is displayed. If `ispopout` is not present or if it is set to `1`, then the message is shown in a popout window. If `ispopout` is set to `0`, the browser shows the message in the Outlook on the web review pane.<br><br>The message opens in the browser if you are signed in to your mailbox via Outlook on the web. You are prompted to sign in if you are not already signed in with the browser.<br><br>This URL cannot be accessed from within an iFrame.<br><br>**NOTE:** When using this URL to access a message from a mailbox with delegate permissions, both the signed-in user and the target mailbox must be in the same database region. For example, an error is returned when a user with a mailbox in the EUR (Europe) region attempts to access messages from a mailbox in the NAM (North America) region.|
 
 
 ## Relationships

From 279849a1d6201409dfaa5720ef03b98a373ee664 Mon Sep 17 00:00:00 2001
From: Faith Moraa Ombongi <ombongi.moraa.fe@gmail.com>
Date: Fri, 24 Oct 2025 10:48:02 +0300
Subject: [PATCH 03/10] Enhance application template properties with filter
 support

Added filtering support information for categories and displayName properties.
---
 api-reference/beta/resources/applicationtemplate.md | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/api-reference/beta/resources/applicationtemplate.md b/api-reference/beta/resources/applicationtemplate.md
index 5dc80770df7..215e643101e 100644
--- a/api-reference/beta/resources/applicationtemplate.md
+++ b/api-reference/beta/resources/applicationtemplate.md
@@ -29,10 +29,10 @@ Represents an application in the [Microsoft Entra application gallery](/azure/ac
 
 | Property     | Type        | Description |
 |:-------------|:------------|:------------|
-|categories|String collection|The list of categories for the application. Supported values can be: `Collaboration`, `Business Management`, `Consumer`, `Content management`, `CRM`, `Data services`, `Developer services`, `E-commerce`, `Education`, `ERP`, `Finance`, `Health`, `Human resources`, `IT infrastructure`, `Mail`, `Management`, `Marketing`, `Media`, `Productivity`, `Project management`, `Telecommunications`, `Tools`, `Travel`, and `Web design & hosting`.|
+|categories|String collection|The list of categories for the application. Supported values can be: `Collaboration`, `Business Management`, `Consumer`, `Content management`, `CRM`, `Data services`, `Developer services`, `E-commerce`, `Education`, `ERP`, `Finance`, `Health`, `Human resources`, `IT infrastructure`, `Mail`, `Management`, `Marketing`, `Media`, `Productivity`, `Project management`, `Telecommunications`, `Tools`, `Travel`, and `Web design & hosting`. <br/><br/> Supports `$filter` (`contains`).|
 |configurationUris|[configurationUri](../resources/configurationuri.md) collection|The URIs required for the single sign-on configuration of a preintegrated application.|
 |description|String|A description of the application.|
-|displayName|String|The name of the application.|
+|displayName|String|The name of the application. Supports `$filter` (`contains`).|
 |homePageUrl|String|The home page URL of the application.|
 |id|String| Unique identifier for the application. Read-only.|
 |logoUrl|String|The URL to get the logo for this application.|

From f42ef8d63f68e988eee4391066f0684317a18a30 Mon Sep 17 00:00:00 2001
From: merill <merill@users.noreply.github.com>
Date: Sun, 26 Oct 2025 20:23:52 +1100
Subject: [PATCH 04/10] Fixed formatting of permissions

Aligned with rest of permissions in docs to include a comma seperator
---
 ...og-post-accesspackagecustomworkflowextensions-permissions.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/api-reference/v1.0/includes/permissions/accesspackagecatalog-post-accesspackagecustomworkflowextensions-permissions.md b/api-reference/v1.0/includes/permissions/accesspackagecatalog-post-accesspackagecustomworkflowextensions-permissions.md
index d8e0fadf610..08a76e3ec4b 100644
--- a/api-reference/v1.0/includes/permissions/accesspackagecatalog-post-accesspackagecustomworkflowextensions-permissions.md
+++ b/api-reference/v1.0/includes/permissions/accesspackagecatalog-post-accesspackagecustomworkflowextensions-permissions.md
@@ -2,4 +2,4 @@
 |:---|:---|:---|
 |Delegated (work or school account)|EntitlementManagement.ReadWrite.All|Not available.|
 |Delegated (personal Microsoft account)|Not supported.|Not supported.|
-|Application|EntitlementManagement.Read.All EntitlementManagement.ReadWrite.All|Not available.|
\ No newline at end of file
+|Application|EntitlementManagement.Read.All, EntitlementManagement.ReadWrite.All|Not available.|
\ No newline at end of file

From 7533f07a45e1ba81d204ee466fb390f06126c182 Mon Sep 17 00:00:00 2001
From: Faith Moraa Ombongi <ombongi.moraa.fe@gmail.com>
Date: Tue, 28 Oct 2025 14:17:38 +0300
Subject: [PATCH 05/10] Update Application permissions for access package
 catalog

---
 ...og-post-accesspackagecustomworkflowextensions-permissions.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/api-reference/v1.0/includes/permissions/accesspackagecatalog-post-accesspackagecustomworkflowextensions-permissions.md b/api-reference/v1.0/includes/permissions/accesspackagecatalog-post-accesspackagecustomworkflowextensions-permissions.md
index 08a76e3ec4b..360677462af 100644
--- a/api-reference/v1.0/includes/permissions/accesspackagecatalog-post-accesspackagecustomworkflowextensions-permissions.md
+++ b/api-reference/v1.0/includes/permissions/accesspackagecatalog-post-accesspackagecustomworkflowextensions-permissions.md
@@ -2,4 +2,4 @@
 |:---|:---|:---|
 |Delegated (work or school account)|EntitlementManagement.ReadWrite.All|Not available.|
 |Delegated (personal Microsoft account)|Not supported.|Not supported.|
-|Application|EntitlementManagement.Read.All, EntitlementManagement.ReadWrite.All|Not available.|
\ No newline at end of file
+|Application|EntitlementManagement.ReadWrite.All|Not available.|

From cc53aa3009d7a1fefaa5e3cfb41c3eaa62997309 Mon Sep 17 00:00:00 2001
From: Faith Moraa Ombongi <ombongi.moraa.fe@gmail.com>
Date: Tue, 28 Oct 2025 14:18:07 +0300
Subject: [PATCH 06/10] Update
 accesspackagecatalog-post-accesspackagecustomworkflowextensions-permissions.md

---
 ...og-post-accesspackagecustomworkflowextensions-permissions.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/api-reference/beta/includes/permissions/accesspackagecatalog-post-accesspackagecustomworkflowextensions-permissions.md b/api-reference/beta/includes/permissions/accesspackagecatalog-post-accesspackagecustomworkflowextensions-permissions.md
index 51191f7a844..606bd07c2fb 100644
--- a/api-reference/beta/includes/permissions/accesspackagecatalog-post-accesspackagecustomworkflowextensions-permissions.md
+++ b/api-reference/beta/includes/permissions/accesspackagecatalog-post-accesspackagecustomworkflowextensions-permissions.md
@@ -8,5 +8,5 @@ ms.localizationpriority: medium
 |:---|:---|:---|
 |Delegated (work or school account)|EntitlementManagement.ReadWrite.All|Not available.|
 |Delegated (personal Microsoft account)|Not supported.|Not supported.|
-|Application|EntitlementManagement.Read.All|EntitlementManagement.ReadWrite.All|
+|Application|EntitlementManagement.ReadWrite.All|Not available.|
 

From 8cdfd35a7a59a82c5eae1daee9573345766f8e3d Mon Sep 17 00:00:00 2001
From: AndHarri-MSFT <99029649+ruaden94@users.noreply.github.com>
Date: Wed, 29 Oct 2025 10:35:33 -0400
Subject: [PATCH 07/10] Update application-saml-sso-configure-api.md

Adding a note section to the document that calls out that programmatically setting up a SAML application through MG Graph commands is for setting up SP initiated flow SAML apps.

IDP initiated flow SAML apps will require the customer to go into the portal and set the SAML basic configuration identifier value for IDP initiated flow to work.
---
 concepts/application-saml-sso-configure-api.md | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/concepts/application-saml-sso-configure-api.md b/concepts/application-saml-sso-configure-api.md
index fab5ffaf7db..ffe4153bdcc 100644
--- a/concepts/application-saml-sso-configure-api.md
+++ b/concepts/application-saml-sso-configure-api.md
@@ -25,6 +25,10 @@ In this tutorial, you learn how to:
 > * Configure a certificate for federated SSO
 > * Retrieve the Microsoft Entra ID SAML metadata for your application that you use to complete the integration
 
+> [!NOTE]
+> The steps to setup SAML applications are for setting up SAML applications with SP initiated flow.
+> IDP initiated flow will require the modification of the SAML application in Entra ID to add the identifier (entity ID)
+
 ## Prerequisites
 
 This tutorial configures SSO for the AWS IAM Identity Center. However, most of the steps on Microsoft Graph apply to any other app that you want to configure SSO.

From e85436d09052203a6db42115105360572ce6dc1b Mon Sep 17 00:00:00 2001
From: Danipocket <88507770+Danipocket@users.noreply.github.com>
Date: Wed, 29 Oct 2025 18:15:11 -0600
Subject: [PATCH 08/10] Apply suggestions from code review

---
 concepts/application-saml-sso-configure-api.md | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/concepts/application-saml-sso-configure-api.md b/concepts/application-saml-sso-configure-api.md
index ffe4153bdcc..dc51fb2c39c 100644
--- a/concepts/application-saml-sso-configure-api.md
+++ b/concepts/application-saml-sso-configure-api.md
@@ -26,8 +26,9 @@ In this tutorial, you learn how to:
 > * Retrieve the Microsoft Entra ID SAML metadata for your application that you use to complete the integration
 
 > [!NOTE]
-> The steps to setup SAML applications are for setting up SAML applications with SP initiated flow.
-> IDP initiated flow will require the modification of the SAML application in Entra ID to add the identifier (entity ID)
+> The steps for setting up SAML applications apply to configurations that use the SP-initiated flow.
+
+>The IDP-initiated flow requires modifying the SAML application in Entra ID to add the identifier (entity ID).
 
 ## Prerequisites
 

From d82a5e4b564deb125939d9a8221c654867ab236b Mon Sep 17 00:00:00 2001
From: Danipocket <88507770+Danipocket@users.noreply.github.com>
Date: Wed, 29 Oct 2025 18:15:47 -0600
Subject: [PATCH 09/10] Apply suggestions from code review

---
 concepts/application-saml-sso-configure-api.md | 1 -
 1 file changed, 1 deletion(-)

diff --git a/concepts/application-saml-sso-configure-api.md b/concepts/application-saml-sso-configure-api.md
index dc51fb2c39c..b65cdd0353b 100644
--- a/concepts/application-saml-sso-configure-api.md
+++ b/concepts/application-saml-sso-configure-api.md
@@ -27,7 +27,6 @@ In this tutorial, you learn how to:
 
 > [!NOTE]
 > The steps for setting up SAML applications apply to configurations that use the SP-initiated flow.
-
 >The IDP-initiated flow requires modifying the SAML application in Entra ID to add the identifier (entity ID).
 
 ## Prerequisites

From 13ccf2fd0f49af0837e1d020016a6b75393bfe62 Mon Sep 17 00:00:00 2001
From: Danipocket <88507770+Danipocket@users.noreply.github.com>
Date: Wed, 29 Oct 2025 18:16:25 -0600
Subject: [PATCH 10/10] Apply suggestions from code review

---
 concepts/application-saml-sso-configure-api.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/concepts/application-saml-sso-configure-api.md b/concepts/application-saml-sso-configure-api.md
index b65cdd0353b..3c01f5764a8 100644
--- a/concepts/application-saml-sso-configure-api.md
+++ b/concepts/application-saml-sso-configure-api.md
@@ -27,7 +27,7 @@ In this tutorial, you learn how to:
 
 > [!NOTE]
 > The steps for setting up SAML applications apply to configurations that use the SP-initiated flow.
->The IDP-initiated flow requires modifying the SAML application in Entra ID to add the identifier (entity ID).
+> The IDP-initiated flow requires modifying the SAML application in Entra ID to add the identifier (entity ID).
 
 ## Prerequisites