Forum Discussion

KeshavKhanna's avatar
KeshavKhanna
Copper Contributor
Oct 03, 2024

Shows 403 when trying to do "get"->api.security.microsoft.com/api/dataexportsettings via code

Hey folks! I'm trying to automate creation of "data export settings" in Microsoft Defender for Endpoint. Path to find it in UI - {Endpoints > Partners and APIs > API Explorer}. When I try to ...
KeshavKhanna's avatar
KeshavKhanna
Copper Contributor
Oct 07, 2024

Fr4nsec Thanks for replying.

Below are the roles I have when I try the token on JWT. 

All of those are "Application" permissions. Here's what I do after getting the token -

$token = "TOKENHERE"

$headers = @{
'Content-Type' = 'application/json'
Accept = 'application/json'
Authorization = "Bearer $token"
}

 

$url = "https://api.security.microsoft.com/api/dataexportsettings"

Invoke-WebRequest -Method Get -Uri $url -Headers $headers

 

What I get -

Any idea which permission I'm lacking here? Any suggestions are appreciated!

 

matthewjensen's avatar
matthewjensen
Copper Contributor
Oct 11, 2024

KeshavKhanna I think it's something to do with the application not having permission to access the API. When trying to create a new export setting, I get this error: {"error":{"code":"Forbidden","message":"Application context is not allowed to access this API. Expected user context.","target":"|."}}

 

Resources