Forum Discussion
Issue with API of Microsoft Defender for Endpoint
Hello team, i tried to access the APIs of Microsoft Defender for Endpoint, but unable to access the APIs, everytime it throws Unautorized status code. I have used application context OAuth Bearer token. Authentication API sends successful response with Access Token, but when tried to use that token to access any API i.e. /api/alerts . It throws Unautorized error. I have also granted the permissions of WindowsDefenderATP. I followed this document link: https://docs.microsoft.com/en-us/microsoft-365/security/defender-endpoint/exposed-apis-create-app-webapp?view=o365-worldwide for registering app.
Note: The same configurations are working before 2-3 months, we have not changed anything though itโs giving unauthorized status. Let me know if i have to add something here.
- BillTheKidBrass ContributorPart 6) in the link you have posted. Client secret may have expired, make sure it hasn't.
- MeetrajsinhCopper ContributorI tried with New Secret Key, but receiving same error.
- BillTheKidBrass Contributor
When your client secret is fine and you still get unauthorized you might be missing the Admin consent for the permission you requested. Every time you add a permission, you must select Grant consent for the new permission to take effect. Need to be done by Global-Administrator for example, Security-Admin is not enough.