chore: add AdministrativeUnit.Read.All to au permissions in docs

malhussan · Jelledb · commit 2bef06daf455 · 2025-08-08T08:20:25.000Z
diff --git a/docs/new-integration-how-to-integrate-azure-administrative-units.md b/docs/new-integration-how-to-integrate-azure-administrative-units.md
@@ -29,7 +29,7 @@ integration:
 
 | Feature                                 | Standard Integration Permissions                                                          | Integration Permissions with Administrative Units                                                |
 | --------------------------------------- | ----------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------ |
-| **User Discovery for Group Membership** | `Directory.Read.All` _tenant scope_ <br>Read all users and groups                         | `User.Read.All` _tenant scope_ <br>Read all users                                              |
+| **User Discovery for Group Membership** | `Directory.Read.All` _tenant scope_ <br>Read all users and groups                         | `User.Read.All` and `AdministrativeUnit.Read.All` _tenant scope_ <br>Read all users and administrative units                                             |
 | **Manage Groups**                       | `Group.ReadWrite.All` _tenant scope_ <br>Create and delete groups, manage membership       | `Groups Administrator` _administrative unit scope_ <br>Create and delete groups, manage membership _only within_ the administrative unit |
 | **Invite Users (Azure B2B)**            | `User.Invite.All` _tenant scope_ <br>Optional, invite AAD B2B guest users into the tenant | `User.Invite.All` _tenant scope_ <br>Optional, invite AAD B2B guest users into the tenant        |
 
