microsoft · alzimmermsft · Jun 15, 2026 · Jun 15, 2026
@@ -78,15 +78,4 @@ public static class RetryPolicy
             Required = false
         };
     }
-
-    public static class Authorization
-    {
-        public const string ScopeName = "scope";
-
-        public static readonly Option<string> Scope = new($"--{ScopeName}")
-        {
-            Description = "Scope at which the role assignment or definition applies to, e.g., /subscriptions/0b1f6471-1bf0-4dda-aec3-111122223333, /subscriptions/0b1f6471-1bf0-4dda-aec3-111122223333/resourceGroups/myGroup, or /subscriptions/0b1f6471-1bf0-4dda-aec3-111122223333/resourceGroups/myGroup/providers/Microsoft.Compute/virtualMachines/myVM.",
-            Required = true,
-        };
-    }
 }
@@ -0,0 +1,3 @@
+changes:
+  - section: "Breaking Changes"
+    description: "Removed unused parameters from Authorization tools."
@@ -2,14 +2,13 @@
 // Licensed under the MIT License.
 
 using Azure.Mcp.Core.Commands.Subscription;
+using Azure.Mcp.Core.Services.Azure.Subscription;
 using Azure.Mcp.Tools.Authorization.Models;
 using Azure.Mcp.Tools.Authorization.Options;
 using Azure.Mcp.Tools.Authorization.Services;
 using Microsoft.Extensions.Logging;
 using Microsoft.Mcp.Core.Commands;
-using Microsoft.Mcp.Core.Extensions;
 using Microsoft.Mcp.Core.Models.Command;
-using Microsoft.Mcp.Core.Models.Option;
 
 namespace Azure.Mcp.Tools.Authorization.Commands;
 
@@ -27,38 +26,19 @@ List role assignments. This command retrieves and displays all Azure RBAC role a
     ReadOnly = true,
     Secret = false,
     LocalRequired = false)]
-public sealed class RoleAssignmentListCommand(ILogger<RoleAssignmentListCommand> logger, IAuthorizationService authorizationService) : SubscriptionCommand<RoleAssignmentListOptions>
+public sealed class RoleAssignmentListCommand(ILogger<RoleAssignmentListCommand> logger, IAuthorizationService authorizationService, ISubscriptionResolver subscriptionResolver)
+    : SubscriptionCommand<RoleAssignmentListOptions, RoleAssignmentListCommand.RoleAssignmentListCommandResult>(subscriptionResolver)
 {
     private readonly ILogger<RoleAssignmentListCommand> _logger = logger;
     private readonly IAuthorizationService _authorizationService = authorizationService;
 
-    protected override void RegisterOptions(Command command)
+    public override async Task<CommandResponse> ExecuteAsync(CommandContext context, RoleAssignmentListOptions options, CancellationToken cancellationToken)
     {
-        base.RegisterOptions(command);
-        command.Options.Add(OptionDefinitions.Authorization.Scope);
-    }
-
-    protected override RoleAssignmentListOptions BindOptions(ParseResult parseResult)
-    {
-        var args = base.BindOptions(parseResult);
-        args.Scope = parseResult.GetValueOrDefault<string>(OptionDefinitions.Authorization.Scope.Name);
-        return args;
-    }
-
-    public override async Task<CommandResponse> ExecuteAsync(CommandContext context, ParseResult parseResult, CancellationToken cancellationToken)
-    {
-        if (!Validate(parseResult.CommandResult, context.Response).IsValid)
-        {
-            return context.Response;
-        }
-
-        var options = BindOptions(parseResult);
-
         try
         {
             var assignments = await _authorizationService.ListRoleAssignmentsAsync(
                 options.Subscription!,
-                options.Scope!,
+                options.Scope,
                 options.Tenant,
                 options.RetryPolicy,
                 cancellationToken);
@@ -74,5 +54,5 @@ public override async Task<CommandResponse> ExecuteAsync(CommandContext context,
         return context.Response;
     }
 
-    internal record RoleAssignmentListCommandResult(List<RoleAssignment> Assignments, bool AreResultsTruncated);
+    public sealed record RoleAssignmentListCommandResult(List<RoleAssignment> Assignments, bool AreResultsTruncated);
 }
@@ -1,14 +1,22 @@
 // Copyright (c) Microsoft Corporation.
 // Licensed under the MIT License.
 
-using System.Text.Json.Serialization;
-using Microsoft.Mcp.Core.Models.Option;
+using Azure.Mcp.Core.Options;
 using Microsoft.Mcp.Core.Options;
 
 namespace Azure.Mcp.Tools.Authorization.Options;
 
-public class RoleAssignmentListOptions : SubscriptionOptions
+public sealed class RoleAssignmentListOptions : ISubscriptionOption
 {
-    [JsonPropertyName(OptionDefinitions.Authorization.ScopeName)]
-    public string? Scope { get; set; }
+    [Option(OptionDescriptions.Tenant)]
+    public string? Tenant { get; set; }
+
+    [Option(OptionDescriptions.Subscription)]
+    public string? Subscription { get; set; }
+
+    [Option(Name = "retry")]
+    public RetryPolicyOptions? RetryPolicy { get; set; }
+
+    [Option("Scope at which the role assignment or definition applies to, e.g., /subscriptions/0b1f6471-1bf0-4dda-aec3-111122223333, /subscriptions/0b1f6471-1bf0-4dda-aec3-111122223333/resourceGroups/myGroup, or /subscriptions/0b1f6471-1bf0-4dda-aec3-111122223333/resourceGroups/myGroup/providers/Microsoft.Compute/virtualMachines/myVM.")]
+    public required string Scope { get; set; }
 }
@@ -3,18 +3,18 @@
 
 using System.Net;
 using Azure.Mcp.Core.Services.Azure;
+using Azure.Mcp.Tests.Commands;
 using Azure.Mcp.Tools.Authorization.Commands;
 using Azure.Mcp.Tools.Authorization.Models;
 using Azure.Mcp.Tools.Authorization.Services;
 using Microsoft.Mcp.Core.Options;
-using Microsoft.Mcp.Tests.Client;
 using NSubstitute;
 using NSubstitute.ExceptionExtensions;
 using Xunit;
 
 namespace Azure.Mcp.Tools.Authorization.Tests;
 
-public class RoleAssignmentListCommandTests : CommandUnitTestsBase<RoleAssignmentListCommand, IAuthorizationService>
+public class RoleAssignmentListCommandTests : SubscriptionCommandUnitTestsBase<RoleAssignmentListCommand, IAuthorizationService>
 {
     [Fact]
     public async Task ExecuteAsync_ReturnsRoleAssignments_WhenRoleAssignmentsExist()