configure_global_admin_approval
Configure approval requirements for Global Administrator activation to enforce security controls and meet compliance standards.
Instructions
Configure approval requirement for Global Administrator activation (MS.AAD.7.6v1)
Input Schema
TableJSON Schema
| Name | Required | Description | Default |
|---|---|---|---|
No arguments | |||
Implementation Reference
- cisa-m365/src/index.ts:912-936 (handler)The main handler function that executes the tool logic: patches the role management policy via Microsoft Graph API to require approval for Global Administrator activation.private async configureGlobalAdminApproval() { try { // Configure approval settings using Microsoft Graph API await this.graphClient .api('/policies/roleManagementPolicies') .patch({ requireApprovalForGlobalAdmin: true, approvalWorkflowEnabled: true, }); return { content: [ { type: 'text', text: 'Global Administrator approval requirement configured successfully', }, ], }; } catch (error: unknown) { throw new McpError( ErrorCode.InternalError, `Failed to configure Global Admin approval: ${error instanceof Error ? error.message : 'Unknown error'}` ); } }
- cisa-m365/src/index.ts:267-274 (registration)Tool registration in the ListTools response, defining the tool name, description, and input schema.{ name: 'configure_global_admin_approval', description: 'Configure approval requirement for Global Administrator activation (MS.AAD.7.6v1)', inputSchema: { type: 'object', properties: {}, }, },
- cisa-m365/src/index.ts:364-365 (registration)Dispatch case in the CallToolRequest handler that routes to the tool's handler method.case 'configure_global_admin_approval': return await this.configureGlobalAdminApproval();
- cisa-m365/src/index.ts:270-273 (schema)Input schema definition for the tool (empty object, no parameters required).inputSchema: { type: 'object', properties: {}, },