Forum Discussion

Brass Contributor

Nov 10, 2021

Solved

API Access for Automation

Hi, I've built a Power Automate flow that reads alerts from MCAS/MDCA that reviews some of the data in the alert and then closes it as benign if the behaviour is expected. It's all working apart ...

api management

mcas integration

power automate

JaredPoeppelman
Dec 03, 2021
Thanks for pointing out this preview functionality. This would be the way to go for this scenario if it weren't for the Power Automate problem pointed out below. Other programmatic access to MDCA, besides Power Automate integration, can still move to this new and better approach.

AlexDB

Microsoft

Nov 17, 2021

Hey Simon, have you seen these two articles?

https://techcommunity.microsoft.com/t5/security-compliance-and-identity/apis-and-best-security-practices-for-microsoft-defender-for/ba-p/2909931

https://docs.microsoft.com/en-us/cloud-app-security/api-authentication-application

SimonR

Brass Contributor

Nov 22, 2021

Yes I did, the issue seems to be with the way PowerAutomate Flows are made available in MDCA, the user that connects to MDCA in the Flow trigger has to be the same as the user who wants to be able to see the Playbook as an option in the MDCA console. Currently we are using a service account to write and connect the flows until I can get something else working.