Forum Discussion
Connecting to defenders account with python
Hello, I am very new to using some of the features that Microsoft Azure and Defender for cloud app has to follow. Currently, I have some credentials which log me into a Microsoft Defender for cloud apps account. When I am logged in I have access to a few urls that lead to json data. I am trying to write a python program which can access the data in these urls. I have been trying to do this for about a week and have had no luck. At first I thought I could just sign into account using the credentials and the request library but I could never get the sign in to work. I then began doing some research on the features the Microsoft accounts have to offer and it seems like there might be some way to connect a program as an app, or connect an aws ec2 which would allow me to get access. I messed around on the accounts a little but I don't really know what I am doing. I was wondering if anyone could point me in the right direction (like relevant documentation or some tips on how to connect). I feel like this should be a simple task but it has been giving me a lot of trouble. Thanks!
3 Replies
- Keith_Fleming
Microsoft
Hi,
For MDCA there are a few different ways you can connect to the REST endpoints.
You can create an application in AAD and then use client secret/client ID to exchange for an access token which then needs to be added to the HTTP request header. This is the newer method and here are a couple of articles that talk more about it.
https://docs.microsoft.com/en-us/defender-cloud-apps/api-authentication-application
https://github.com/AzureAD/microsoft-authentication-library-for-python
There is a second legacy method using an API key which is generated in the MDCA portal. In this case the token stays static.
https://docs.microsoft.com/en-us/defender-cloud-apps/api-tokens-legacyThanks for the response! I have looked into both methods some. The second legacy method seems more appealing to me as the first seems like it wants the user to set a time limit for the credentials, which I don't really want to do (as well as the second method looks simpler). I have generated the static token by following the directions in the link to the documentation, but don't really know what to do next. Do I still need to use the Microsoft authentication library for python to access the data if I use this method? I tried using the token in the requests library to access the data, but I haven't gotten it to work. Thanks for you help so far!
- Neverminded, I think I got it work work. I just needed to make a get request with the request python library to the url I wanted and supply the token in the header as {"Authorization": "Token <token_here>"}. Thanks!
