microsoftgraph
diff --git a/‎api-reference/beta/api/accesspackage-list-accesspackageresourcerolescopes.md
Lines changed: 1 addition & 1 deletion b/‎api-reference/beta/api/accesspackage-list-accesspackageresourcerolescopes.md
Lines changed: 1 addition & 1 deletion
diff --git a/‎api-reference/beta/api/accesspackagecatalog-list-accesspackageresourceroles.md
Lines changed: 4 additions & 4 deletions b/‎api-reference/beta/api/accesspackagecatalog-list-accesspackageresourceroles.md
Lines changed: 4 additions & 4 deletions
diff --git a/‎api-reference/beta/api/accesspackagecatalog-list-accesspackageresources.md
Lines changed: 1 addition & 1 deletion b/‎api-reference/beta/api/accesspackagecatalog-list-accesspackageresources.md
Lines changed: 1 addition & 1 deletion
diff --git a/‎api-reference/beta/api/authorizationpolicy-get.md
Lines changed: 2 additions & 0 deletions b/‎api-reference/beta/api/authorizationpolicy-get.md
Lines changed: 2 additions & 0 deletions
diff --git a/‎api-reference/beta/api/authorizationpolicy-update.md
Lines changed: 1 addition & 1 deletion b/‎api-reference/beta/api/authorizationpolicy-update.md
Lines changed: 1 addition & 1 deletion
diff --git a/‎api-reference/beta/api/azureadauthentication-get.md
Lines changed: 1 addition & 6 deletions b/‎api-reference/beta/api/azureadauthentication-get.md
Lines changed: 1 addition & 6 deletions
diff --git a/‎api-reference/beta/api/certificateauthoritydetail-get.md
Lines changed: 134 additions & 0 deletions b/‎api-reference/beta/api/certificateauthoritydetail-get.md
Lines changed: 134 additions & 0 deletions
diff --git a/‎api-reference/beta/api/certificateauthoritydetail-update.md
Lines changed: 154 additions & 0 deletions b/‎api-reference/beta/api/certificateauthoritydetail-update.md
Lines changed: 154 additions & 0 deletions
@@ -1,6 +1,6 @@
 ---
 title: "List accessPackageResourceRoleScopes"
-description: "Retrieve a list of accesspackageresourcerolescope objects."
+description: "Retrieve an access package with a list of accessPackageResourceRoleScope objects."
 ms.localizationpriority: medium
 author: "markwahl-msft"
 ms.subservice: "entra-id-governance"
 
@@ -1,6 +1,6 @@
 ---
 title: "List accessPackageResourceRoles"
-description: "Retrieve a list of accessPackageResourceRole objects."
+description: "Retrieve a list of accessPackageResourceRole objects of an accessPackageResource in an accessPackageCatalog."
 ms.localizationpriority: medium
 author: "markwahl-msft"
 ms.subservice: "entra-id-governance"
@@ -132,9 +132,9 @@ Content-type: application/json
 }
 ```
 
-### Example 2: Retrieve the roles of a resource for a SharePoint Online site
+### Example 2: Retrieve the roles of a resource for a SharePoint site
 
-This is an example of retrieving the roles of a resource, to obtain the **originId** of each role.  This would be used after a SharePoint Online site has been added as a resource to the catalog, as the **originId** of a SharePoint site role, the sequence number of the role in the site, is needed to add the role to an access package.
+The following example shows how to retrieve the roles of a resource, to obtain the **originId** of each role. This would be used after a SharePoint site has been added as a resource to the catalog, as the **originId** of a SharePoint site role, the sequence number of the role in the site, is needed to add the role to an access package.
 
 #### Request
 
@@ -188,7 +188,7 @@ GET https://graph.microsoft.com/beta/identityGovernance/entitlementManagement/ac
 
 #### Response
 
-The following example shows the response.  The **displayName** is the same as shown in the SharePoint Online view of a site, and the **originId** is the underlying identifier established by SharePoint Online for the role.
+The following example shows the response. The **displayName** is the same as shown in the SharePoint view of a site, and the **originId** is the underlying identifier established by SharePoint for the role.
 
 > **Note:** The response object shown here might be shortened for readability.
 
 
@@ -1,6 +1,6 @@
 ---
 title: "List accessPackageResources"
-description: "Retrieve a list of accesspackageresource objects."
+description: "Retrieve a list of accessPackageResource objects in an accessPackageCatalog."
 ms.localizationpriority: medium
 author: "markwahl-msft"
 ms.subservice: "entra-id-governance"
 
@@ -25,6 +25,8 @@ Choose the permission or permissions marked as least privileged for this API. Us
 <!-- { "blockType": "permissions", "name": "authorizationpolicy_get" } -->
 [!INCLUDE [permissions-table](../includes/permissions/authorizationpolicy-get-permissions.md)]
 
+[!INCLUDE [rbac-authorization-policy-apis-read](../includes/rbac-for-apis/rbac-authorization-policy-apis-read.md)]
+
 ## HTTP request
 
 <!-- { "blockType": "ignored" } -->
 
@@ -25,7 +25,7 @@ Choose the permission or permissions marked as least privileged for this API. Us
 <!-- { "blockType": "permissions", "name": "authorizationpolicy_update" } -->
 [!INCLUDE [permissions-table](../includes/permissions/authorizationpolicy-update-permissions.md)]
 
-For delegated scenarios, the user needs to have the *Privileged Role Administrator* [Microsoft Entra role](/entra/identity/role-based-access-control/permissions-reference?toc=%2Fgraph%2Ftoc.json).
+[!INCLUDE [rbac-authorization-policy-apis-update](../includes/rbac-for-apis/rbac-authorization-policy-apis-update.md)]
 
 ## HTTP request
 
 
@@ -22,12 +22,7 @@ Choose the permission or permissions marked as least privileged for this API. Us
 <!-- { "blockType": "permissions", "name": "azureadauthentication_get" } -->
 [!INCLUDE [permissions-table](../includes/permissions/azureadauthentication-get-permissions.md)]
 
-For delegated scenarios, the calling user needs to belong to at least one of the following [Microsoft Entra roles](/entra/identity/role-based-access-control/permissions-reference?toc=%2Fgraph%2Ftoc.json):
-+ Global Reader
-+ Reports Reader
-+ Security Administrator
-+ Security Operator
-+ Security Reader
+[!INCLUDE [rbac-entra-health-service-activity-apis](../includes/rbac-for-apis/rbac-entra-health-service-activity-apis.md)]
 
 ## HTTP request
 
 
@@ -0,0 +1,134 @@
+---
+title: "Get certificateAuthorityDetail"
+description: "Read the properties and relationships of a certificateAuthorityDetail object."
+author: "suawat"
+ms.localizationpriority: medium
+ms.subservice: "entra-sign-in"
+doc_type: apiPageType
+---
+
+# Get certificateAuthorityDetail
+
+Namespace: microsoft.graph
+
+[!INCLUDE [beta-disclaimer](../../includes/beta-disclaimer.md)]
+
+Read the properties and relationships of a [certificateAuthorityDetail](../resources/certificateauthoritydetail.md) object.
+
+## Permissions
+
+Choose the permission or permissions marked as least privileged for this API. Use a higher privileged permission or permissions [only if your app requires it](/graph/permissions-overview#best-practices-for-using-microsoft-graph-permissions). For details about delegated and application permissions, see [Permission types](/graph/permissions-overview#permission-types). To learn more about these permissions, see the [permissions reference](/graph/permissions-reference).
+
+<!-- { "blockType": "permissions", "name": "certificateauthoritydetail_get" } -->
+[!INCLUDE [permissions-table](../includes/permissions/certificateauthoritydetail-get-permissions.md)]
+
+[!INCLUDE [rbac-cert-based-authpkis-apis](../includes/rbac-for-apis/rbac-cert-based-authpkis-apis.md)]
+
+## HTTP request
+
+<!-- {
+  "blockType": "ignored"
+}
+-->
+
+``` http
+GET /directory/publicKeyInfrastructure/certificateBasedAuthConfigurations/{certificateBasedAuthPkiId}/certificateAuthorities/{certificateAuthorityDetailId}
+```
+
+## Optional query parameters
+
+This method supports the `$select` OData query parameter to help customize the response. For general information, see [OData query parameters](/graph/query-parameters).
+
+## Request headers
+
+|Name|Description|
+|:---|:---|
+|Authorization|Bearer {token}. Required. Learn more about [authentication and authorization](/graph/auth/auth-concepts).|
+
+## Request body
+
+Don't supply a request body for this method.
+
+## Response
+
+If successful, this method returns a `200 OK` response code and a [certificateAuthorityDetail](../resources/certificateauthoritydetail.md) object in the response body.
+
+## Examples
+
+### Request
+
+The following example shows a request.
+# [HTTP](#tab/http)
+<!-- {
+  "blockType": "request",
+  "name": "get_certificateauthoritydetail"
+}
+-->
+``` http
+GET https://graph.microsoft.com/beta/directory/publicKeyInfrastructure/certificateBasedAuthConfigurations/{certificateBasedAuthPkiId}/certificateAuthorities/{certificateAuthorityDetailId}
+```
+
+# [C#](#tab/csharp)
+[!INCLUDE [sample-code](../includes/snippets/csharp/get-certificateauthoritydetail-csharp-snippets.md)]
+[!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+
+# [CLI](#tab/cli)
+[!INCLUDE [sample-code](../includes/snippets/cli/get-certificateauthoritydetail-cli-snippets.md)]
+[!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+
+# [Go](#tab/go)
+[!INCLUDE [sample-code](../includes/snippets/go/get-certificateauthoritydetail-go-snippets.md)]
+[!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+
+# [Java](#tab/java)
+[!INCLUDE [sample-code](../includes/snippets/java/get-certificateauthoritydetail-java-snippets.md)]
+[!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+
+# [JavaScript](#tab/javascript)
+[!INCLUDE [sample-code](../includes/snippets/javascript/get-certificateauthoritydetail-javascript-snippets.md)]
+[!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+
+# [PHP](#tab/php)
+[!INCLUDE [sample-code](../includes/snippets/php/get-certificateauthoritydetail-php-snippets.md)]
+[!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+
+# [Python](#tab/python)
+[!INCLUDE [sample-code](../includes/snippets/python/get-certificateauthoritydetail-python-snippets.md)]
+[!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+
+---
+
+
+### Response
+
+The following example shows the response.
+>**Note:** The response object shown here might be shortened for readability.
+<!-- {
+  "blockType": "response",
+  "truncated": true,
+  "@odata.type": "microsoft.graph.certificateAuthorityDetail"
+}
+-->
+``` http
+HTTP/1.1 200 OK
+Content-Type: application/json
+
+{
+  "value": {
+    "@odata.type": "#microsoft.graph.certificateAuthorityDetail",
+    "id": "90777c92-2eb3-4a68-931d-4a3e1e1c741f",
+    "deletedDateTime": null,
+    "certificateAuthorityType": "root",
+    "certificate": "Binary",
+    "displayName": "Contoso2 CA1",
+    "issuer": "Contoso2",
+    "issuerSubjectKeyIdentifier": "C0E9....711A",
+    "createdDateTime": "2024-10-25T18:05:28Z",
+    "expirationDateTime": "2027-08-29T02:05:57Z",
+    "thumbprint": "C6FA....4E9CF2",
+    "certificateRevocationListUrl": null,
+    "deltacertificateRevocationListUrl": null,
+    "isIssuerHintEnabled": true
+  }
+}
+```
@@ -0,0 +1,154 @@
+---
+title: "Update certificateAuthorityDetail"
+description: "Update the properties of a certificateAuthorityDetail object."
+author: "suawat"
+ms.localizationpriority: medium
+ms.subservice: "entra-sign-in"
+doc_type: apiPageType
+---
+
+# Update certificateAuthorityDetail
+
+Namespace: microsoft.graph
+
+[!INCLUDE [beta-disclaimer](../../includes/beta-disclaimer.md)]
+
+Update the properties of a [certificateAuthorityDetail](../resources/certificateauthoritydetail.md) object.
+
+## Permissions
+
+Choose the permission or permissions marked as least privileged for this API. Use a higher privileged permission or permissions [only if your app requires it](/graph/permissions-overview#best-practices-for-using-microsoft-graph-permissions). For details about delegated and application permissions, see [Permission types](/graph/permissions-overview#permission-types). To learn more about these permissions, see the [permissions reference](/graph/permissions-reference).
+
+<!-- { "blockType": "permissions", "name": "certificateauthoritydetail_update" } -->
+[!INCLUDE [permissions-table](../includes/permissions/certificateauthoritydetail-update-permissions.md)]
+
+[!INCLUDE [rbac-cert-based-authpkis-apis](../includes/rbac-for-apis/rbac-cert-based-authpkis-apis.md)]
+
+
+## HTTP request
+
+<!-- {
+  "blockType": "ignored"
+}
+-->
+``` http
+PATCH /directory/publicKeyInfrastructure/certificateBasedAuthConfigurations/{certificateBasedAuthPkiId}/certificateAuthorities/{certificateAuthorityDetailId}
+```
+
+## Request headers
+
+|Name|Description|
+|:---|:---|
+|Authorization|Bearer {token}. Required. Learn more about [authentication and authorization](/graph/auth/auth-concepts).|
+|Content-Type|application/json. Required.|
+
+## Request body
+
+[!INCLUDE [table-intro](../../includes/update-property-table-intro.md)]
+
+|Property|Type|Description|
+|:---|:---|:---|
+|certificateAuthorityType|certificateAuthorityType|The type of certificate authority. The possible values are: `root`, `intermediate`, `unknownFutureValue`. |
+|certificate|Binary|The type of certificate authority. Possible values are: `root`, `intermediate`.|
+|displayName|String|The name of the certificate authority. |
+|issuer|String|The issuer of the certificate authority. |
+|issuerSubjectKeyIdentifier|String|The subject key identifier of certificate authority. |
+|createdDateTime|DateTimeOffset|The date and time when the certificate authority was created. |
+|expirationDateTime|DateTimeOffset|The date and time when the certificate authority expires. Required.|
+|thumbprint|String|The thumbprint of certificate authority certificate. Required.|
+|certificateRevocationListUrl|String|The URL to check if the certificate is revoked. |
+|deltacertificateRevocationListUrl|String|The URL to check if the certificate is revoked. |
+|isIssuerHintEnabled|Boolean|Indicates whether the certificate picker presents the certificate authority to the user to use for authentication. Default value is `false`. |
+
+
+
+## Response
+
+If successful, this method returns a `200 OK` response code and an updated [certificateAuthorityDetail](../resources/certificateauthoritydetail.md) object in the response body.
+
+## Examples
+
+### Request
+
+The following example shows a request.
+# [HTTP](#tab/http)
+<!-- {
+  "blockType": "request",
+  "name": "update_certificateauthoritydetail"
+}
+-->
+``` http
+PATCH https://graph.microsoft.com/beta/directory/publicKeyInfrastructure/certificateBasedAuthConfigurations/{certificateBasedAuthPkiId}/certificateAuthorities/{certificateAuthorityDetailId}
+Content-Type: application/json
+
+{
+
+   "isIssuerHintEnabled": true
+   
+}
+```
+
+# [C#](#tab/csharp)
+[!INCLUDE [sample-code](../includes/snippets/csharp/update-certificateauthoritydetail-csharp-snippets.md)]
+[!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+
+# [CLI](#tab/cli)
+[!INCLUDE [sample-code](../includes/snippets/cli/update-certificateauthoritydetail-cli-snippets.md)]
+[!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+
+# [Go](#tab/go)
+[!INCLUDE [sample-code](../includes/snippets/go/update-certificateauthoritydetail-go-snippets.md)]
+[!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+
+# [Java](#tab/java)
+[!INCLUDE [sample-code](../includes/snippets/java/update-certificateauthoritydetail-java-snippets.md)]
+[!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+
+# [JavaScript](#tab/javascript)
+[!INCLUDE [sample-code](../includes/snippets/javascript/update-certificateauthoritydetail-javascript-snippets.md)]
+[!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+
+# [PHP](#tab/php)
+[!INCLUDE [sample-code](../includes/snippets/php/update-certificateauthoritydetail-php-snippets.md)]
+[!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+
+# [Python](#tab/python)
+[!INCLUDE [sample-code](../includes/snippets/python/update-certificateauthoritydetail-python-snippets.md)]
+[!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+
+---
+
+
+### Response
+
+The following example shows the response.
+>**Note:** The response object shown here might be shortened for readability.
+<!-- {
+  "blockType": "response",
+  "truncated": true,
+  "@odata.type": "microsoft.graph.certificateAuthorityDetail"
+}
+-->
+``` http
+HTTP/1.1 200 OK
+Content-Type: application/json
+
+{
+  "@odata.type": "#microsoft.graph.certificateAuthorityDetail",
+  "id": "90777c92-2eb3-4a68-931d-4a3e1e1c741f",
+  "deletedDateTime": null,
+  "certificateAuthorityType": "root",
+  "certificate": "Binary",
+  "displayName": "Contoso2 CA1",
+  "issuer": "Contoso2",
+  "issuerSubjectKeyIdentifier": "C0E9....711A",
+  "createdDateTime": "2024-10-25T18:05:28Z",
+  "expirationDateTime": "2027-08-29T02:05:57Z",
+  "thumbprint": "C6FA....4E9CF2",
+  "certificateRevocationListUrl": null,
+  "deltacertificateRevocationListUrl": null,
+  "isIssuerHintEnabled": true
+
+}
+```
+