Forum Discussion
Defender for Cloud Apps REST API - Authentication
- Mar 21, 2023
Hi mhmmdrn,
There currently isn't a way to deploy policies in an automated manner today.
The endpoint we do support can be found here:
REST API - Microsoft Defender for Cloud Apps | Microsoft Learn
Feel free to add an item and provide your feedback here:
Keith_Fleming, thank you for your answer. Actually, my question was about the authentication. Which role-based permission should I give to authenticate the app which I created in Azure AD? Should I give the app subscription-level permissions, Contributor, etc.?
By the way, there are some endpoints which are not listed in the official documentation. For example:
- /api/v1/policies >> to get all deployed policies
- /api/v1/policy_templates >> to get all policy templates
- /api/v1/policy/discovery >> to deploy app discovery policies with the POST method, and so on.
These endpoints work as expected. I tried them. But I need assistance in order to authenticate Test Tenant to deploy policies using the POST method. I can get the policies with the GET method at Test Tenant, but it doesn't allow me to deploy them.
Thank you in advance.
- Keith_Fleming, Mar 21, 2023
Microsoft
Hi mhmmdrn,
The reason you’re seeing the errors in this case is because these are not supported endpoints.
While there are several undocumented endpoints you can find through various methods, they are reserved for the internal service and not exposed to app registration permissions. This is implemented as part of the service, so adding RBAC permissions or roles won’t correct the error here.