Hello team, i tried to access the APIs of Microsoft Defender for Endpoint, but unable to access the APIs, everytime it throws Unautorized status code. I have used application context OAuth Bearer token. Authentication API sends successful response with Access Token, but when tried to use that token to access any API i.e. /api/alerts . It throws "Invalid Authorization payload" error(401). I have also granted the permissions of WindowsDefenderATP. I followed this document link: https://docs.microsoft.com/en-us/microsoft-365/security/defender-endpoint/exposed-apis-create-app-we... for registering app.
Did you check with jwt.io if your token has roles in it ? You need a resource parameter in the body with the endpoint URI to make it work. Without the roles in the token response, you are not authorized to access resources. Does that make sense ?