Sentinel as Code - Api COnnections

%3CLINGO-SUB%20id%3D%22lingo-sub-1463760%22%20slang%3D%22en-US%22%3ESentinel%20as%20Code%20-%20Api%20COnnections%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1463760%22%20slang%3D%22en-US%22%3E%3CP%3EHello%2C%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EI%20have%20several%20JSON%20templates%20for%20Playbooks%20and%20Logic%20apps.%20I%20can%20deploy%20them%20successfully%20with%20any%20issues.%20However%2C%20I%20have%20to%20manually%20authorize%20API%20connections%20used%20in%20Sentinel%20Playbook.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EIs%20there%20a%20script%2Fsolution%20to%20authorize%20API%20connections%20with%20user%20interaction%3F%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-LABS%20id%3D%22lingo-labs-1463760%22%20slang%3D%22en-US%22%3E%3CLINGO-LABEL%3ESentinel%3C%2FLINGO-LABEL%3E%3C%2FLINGO-LABS%3E%3CLINGO-SUB%20id%3D%22lingo-sub-1467191%22%20slang%3D%22en-US%22%3ERe%3A%20Sentinel%20as%20Code%20-%20Api%20COnnections%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1467191%22%20slang%3D%22en-US%22%3EWhat%20API%20connectors%20are%20you%20looking%20into%3F%3CBR%20%2F%3E%3CBR%20%2F%3EYou%20can%20create%20them%20through%20an%20ARM%20template%3A%3CBR%20%2F%3E%3CA%20href%3D%22https%3A%2F%2Fgithub.com%2FAzure%2FAzure-Sentinel%2Fblob%2Fmaster%2FPlaybooks%2FClose-Incident-ASCAlert%2Fazuredeploy.json%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%22%3Ehttps%3A%2F%2Fgithub.com%2FAzure%2FAzure-Sentinel%2Fblob%2Fmaster%2FPlaybooks%2FClose-Incident-ASCAlert%2Fazuredeploy.json%3C%2FA%3E%3CBR%20%2F%3E%3CBR%20%2F%3EBut%20OAuth%20API%20connections%20that%20utilize%20username%2Fpasswords%20require%20you%20to%20authorize%20user%20interaction%3CBR%20%2F%3E%3CBR%20%2F%3EWhat%20connection%20are%20you%20looking%20into%20automating%3F%3CBR%20%2F%3EHappy%20to%20look%20into%20these%20with%20you%20as%20I%20have%20researched%20this%20quite%20a%20bit%3C%2FLINGO-BODY%3E
Occasional Visitor

Hello,

 

I have several JSON templates for Playbooks and Logic apps. I can deploy them successfully with any issues. However, I have to manually authorize API connections used in Sentinel Playbook.

 

Is there a script/solution to authorize API connections without user interaction?

1 Reply
What API connectors are you looking into?

You can create them through an ARM template:
https://github.com/Azure/Azure-Sentinel/blob/master/Playbooks/Close-Incident-ASCAlert/azuredeploy.js...

But OAuth API connections that utilize username/passwords require you to authorize user interaction

What connection are you looking into automating?
Happy to look into these with you as I have researched this quite a bit