From 0fc1c5986e8da87d7e04769c6864428d15a7b16b Mon Sep 17 00:00:00 2001
From: Mike Swanson <mike@azcomputerguru.com>
Date: Sun, 19 Apr 2026 14:41:44 -0700
Subject: [PATCH] msg: manifest updated + Cascades consent re-run for
 IdentityRiskyUser APIs

---
 .claude/messages/for-howard.md | 11 ++---------
 1 file changed, 2 insertions(+), 9 deletions(-)

diff --git a/.claude/messages/for-howard.md b/.claude/messages/for-howard.md
index 53a14c3..60a8308 100644
--- a/.claude/messages/for-howard.md
+++ b/.claude/messages/for-howard.md
@@ -4,13 +4,6 @@ Check this file at sync. Delete items after you've addressed them.
 
 ---
 
-## From Mike, 2026-04-19 — Cascades IdentityRiskyUser.Read.All consent
+## From Mike, 2026-04-19 — Cascades IdentityRiskyUser.Read.All — RESOLVED
 
-**Go ahead.** Approved to grant admin consent for `IdentityRiskyUser.Read.All` on the Cascades tenant.
-
-Agree with your reasoning — read-only, we already hold far more sensitive scopes, and the workflow gap is real.
-
-Consent URL (sign in as GA on Cascades tenant):
-```
-https://login.microsoftonline.com/207fa277-e9d8-4eb7-ada1-1064d2221498/adminconsent?client_id=fabb3421-8b34-484b-bc17-e46de9703418
-```
+App manifest updated with all risky Identity Protection APIs. Admin consent re-run on Cascades tenant (2026-04-19). Should be live — re-test the risky-user check when you get a chance.