Forum Discussion
rgraphalyze
Oct 17, 2023Copper Contributor
MDE API not able to find a file using sha256 hash but corresponding sha1 works
Hello, We have a workflow with Defender for Endpoint where we call MDE's GET /api/files/${sha256_hash} api endpoint to get information about where the file is seen.
Lately this is always resulting in HTTP 404 response. This used to work in the past.
For the exact same file, GET /api/files/${sha1_hash} does yield all the expected results back. As per the documentation, either sha256 or sha1 should work. Is this a know issue and is there any resolution planned around this?
documentation for API endpoint in question stating that sha1 or sha256, either can be used-
- jbmartin6Iron ContributorIt is a known issue as far as known to us and other participants on this forum. There is a post about it once in a while. I don't think it is a known issue in the sense the Microsoft has acknowledged it and is planning a fix.