azcomputerguru/claudetools
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

docs: purge stale fabb3421 narrative — Mail.Send already lives in the 365 app suite

Browse Source 
Mail.Send is NOT an open decision or a 'blocked' item: the Exchange Operator
tier (b43e7342) already holds Graph Mail.Send + Mail.ReadWrite +
MailboxSettings.ReadWrite (the suite's IR victim-notification mail path).
/mailbox (ACG own-mail) separately uses the dedicated ComputerGuru Mailbox app
1873b1b0. The deleted fabb3421/Claude-MSP-Access app is now referenced only as
DELETED/do-not-use across all live surfaces.

Corrected: remediation-tool gotchas.md (removed 'suite has no mail scopes /
mailbox BLOCKED / decision-not-executed'), commands/mailbox.md (header +
Attribution no longer name the deleted app as active), feedback memory
(promoted 'suite has Mail.Send — settled' to a headline), breach-report
template, .grok mirrors, credentials.md, CATALOG_SHARED_DATA.md, and wiki
(internal-infrastructure, glaztech, dataforth). Removed dead plaintext secret
for the deleted app from CATALOG_SHARED_DATA.md.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
This commit is contained in:
Mike Swanson
2026-06-21 09:46:54 -07:00
parent 6897e515c9
commit f55b8d2556
12 changed files with 35 additions and 58 deletions
Download Patch File Download Diff File Expand all files Collapse all files

17
credentials.md
View File

@@ -562,10 +562,21 @@ export OP_SERVICE_ACCOUNT_TOKEN="op://Infrastructure/Service Account Auth Token:
- **Client Secret:** op://MSP Tools/CIPP/OAuth.Client Secret
- **Scope:** op://MSP Tools/CIPP/OAuth.Scope
### Claude-MSP-Access (Multi-Tenant Graph API)
### Claude-MSP-Access (Multi-Tenant Graph API) — DELETED 2026-06-14
- **Status:** App `fabb3421-8b34-484b-bc17-e46de9703418` was DELETED from the azcomputerguru.com tenant 2026-06-14. Token requests now return AADSTS700016. Do NOT use. Replaced by the tiered ComputerGuru app suite below.
### ComputerGuru Remediation App Suite (tiered, multi-tenant Graph/EXO)
- **Tenant ID:** ce61461e-81a0-4c84-bb4a-7b354a9a356d
- **App ID:** op://MSP Tools/Claude-MSP-Access (Graph API)/App ID
- **Client Secret:** op://MSP Tools/Claude-MSP-Access (Graph API)/credential
- **Security Investigator:** `bfbc12a4-f0dd-4e12-b06d-997e7271e10c` — vault `msp-tools/computerguru-security-investigator.sops.yaml` (Graph read + EXO read)
- **Exchange Operator:** `b43e7342-5b4b-492f-890f-bb5a4f7f40e9` — vault `msp-tools/computerguru-exchange-operator.sops.yaml` (EXO write + Graph **Mail.Send / Mail.ReadWrite / MailboxSettings.ReadWrite** — the suite's mail-send path)
- **User Manager:** `64fac46b-8b44-41ad-93ee-7da03927576c` — vault `msp-tools/computerguru-user-manager.sops.yaml`
- **Tenant Admin:** `709e6eed-0711-4875-9c44-2d3518c47063` — vault `msp-tools/computerguru-tenant-admin.sops.yaml`
- **Defender Add-on:** `dbf8ad1a-54f4-4bb8-8a9e-ea5b9634635b` — vault `msp-tools/computerguru-defender-addon.sops.yaml` (MDE-licensed tenants only)
- **Token:** `bash .claude/skills/remediation-tool/scripts/get-token.sh <tenant-id> <tier>`
### ComputerGuru Mailbox (ACG own-mail, `/mailbox`)
- **App ID:** `1873b1b0-3377-485c-a848-bae9b2f8f1f5` — vault `msp-tools/computerguru-mailbox.sops.yaml` (single-tenant azcomputerguru.com; Mail.ReadWrite + Mail.Send + Contacts.ReadWrite)
- **Token:** `bash .claude/skills/remediation-tool/scripts/get-token.sh azcomputerguru.com mailbox` (SP disabled when idle — enable on 401 "account is disabled")
### ACG-MSP-Access (Google Workspace)
- **Service Account:** op://MSP Tools/ACG-MSP-Access (Google Workspace)/Service Account Email