Adding appRole property to ApplicationCreateParameters and ApplicationUpdateParameters

specification/graphrbac/data-plane/stable/1.6/graphrbac.json

@@ -2024,9 +2024,52 @@
       ],
       "description": "Specifies an OAuth 2.0 permission scope or an app role that an application requires. The resourceAccess property of the RequiredResourceAccess type is a collection of ResourceAccess."
     },
+    "AppRole": {
+      "type": "object",
+      "properties": {
+        "allowedMemberTypes": {
+          "type": "array",
+          "items": {
+            "type": "string"
+          },
+          "description": "Specifies whether this app role definition can be assigned to users and groups by setting to \"User\", or to other applications by setting to \"Application\", or to both."
+        },
+        "description": {
+          "type": "string",
+          "description": "Permission help text that appears in the admin app assignment and consent experiences."
+        },
+        "displayName": {
+          "type": "string",
+          "description": "Display name for the permission that appears in the admin consent and app assignment experiences. For example, \"Read Only\" or \"Admin\"."
+        },
+        "id": {
+          "type": "string",
+          "description": "Unique role identifier inside the appRoles collection, such as \"c20e145e-5459-4a6c-a074-b942bbd4cfe1\"."
+        },
+        "isEnabled": {
+          "type": "boolean",
+          "description": "When creating or updating a role definition, this must be set to true (which is the default). To delete a role, this must first be set to false."
+        },
+        "value": {
+          "type":"string",
+          "description": "Specifies the value of the roles claim that the application should expect in the authentication and access tokens, such as \"ReadOnly\" or \"Admin\"."
+        }
+      },
+      "additionalProperties": {
+        "type": "object"
+      },
+      "description": "Represents an application role that may be requested by a client application calling another application or that may be used to assign an application to users or groups in a specified application role. The appRoles property of the servicePrincipal entity and of the application entity is a collection of appRole."
+    },
     "ApplicationCreateParameters": {
       "type": "object",
       "properties": {
+        "appRoles": {
+          "type": "array",
+          "items": {
+            "$ref": "#/definitions/AppRole"
+          },
+          "description": "The collection of application roles that an application may declare."
+        },
         "availableToOtherTenants": {
           "type": "boolean",
           "description": "Whether the application is available to other tenants."
@@ -2092,6 +2135,13 @@
     "ApplicationUpdateParameters": {
       "type": "object",
       "properties": {
+        "appRoles": {
+          "type": "array",
+          "items": {
+            "$ref": "#/definitions/AppRole"
+          },
+          "description": "The collection of application roles that an application may declare."
+        },
         "availableToOtherTenants": {
           "type": "boolean",
           "description": "Whether the application is available to other tenants"
@@ -2168,6 +2218,13 @@
           },
           "description": "The application permissions."
         },
+        "appRoles": {
+          "type": "array",
+          "items": {
+            "$ref": "#/definitions/AppRole"
+          },
+          "description": "The collection of application roles that an application may declare."
+        },
         "availableToOtherTenants": {
           "type": "boolean",
           "description": "Whether the application is be available to other tenants."