Dec 19 2019
06:23 PM
- last edited on
Dec 23 2021
10:02 AM
by
TechCommunityAP
Dec 19 2019
06:23 PM
- last edited on
Dec 23 2021
10:02 AM
by
TechCommunityAP
Hi All
I am trying to use Microsoft graph API threat Indicators API based on Azure sentinel recommended way of integrating threat intelligence sources for IOC ingestion to Sentinel Instance. I perform the following steps in linux curl to test the functionality :
curl -X POST -d 'grant_type=client_credentials&client_id=[myClientId]&client_secret=[myAppSecret]&scope=openid profile ThreatIndicators.ReadWrite.OwnedBy' https://login.microsoftonline.com/[myTenantId]/oauth2/token
{
"error": {
"code": "InvalidAuthenticationToken",
"message": "Access token validation failure. Invalid audience.",
"innerError": {
"request-id": "########################",
"date": "2019-12-19T07:41:51"
}
}
Anybody has Idea how to use this ? Main motive is to use graph API POST query to insert threat indicators in Azure Sentinel
Dec 25 2019 08:36 PM
SolutionHi Ofer
we received the answer in stack overflow channel. FYI please refer to below link for solution:
Dec 25 2019 08:36 PM
SolutionHi Ofer
we received the answer in stack overflow channel. FYI please refer to below link for solution: