Forum Discussion
Defender for Cloud Apps REST API - Authentication
Hi Everyone,
I am trying to automate deployment of policies on MDCAS with PowerShell, and for a testing environment I have a test tenant which includes Defender for Cloud Apps. I have created an API token and used it in my script, but I am getting the following error:
It works on the production tenant. I don't understand the reason.
I have also tried OAuth2 authentication by adding a web app in Azure Active Directory and have assigned all necessary permissions, but at this time I am getting the following error:
Here are the permissions:
Can anyone tell me what I am missing? Or is there another way to deploy policies? Graph API or PS cmdlets?
Thank you in advance.
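For readers who land here with the same question, the following is an added PowerShell example (not code from the thread or from Microsoft) showing the two supported ways of authenticating to the documented Defender for Cloud Apps REST endpoints: a portal API token sent with the `Token` scheme, or an Azure AD app-registration token obtained with client credentials and sent with the `Bearer` scheme. The portal URL, tenant, client ID and secret are placeholders; `05a65629-4c1b-48c1-a78b-804c4abdd4af` is the application ID Microsoft documents for the Defender for Cloud Apps API and is used as the OAuth2 resource. `POST /api/v1/alerts/` is used as the documented endpoint to call; undocumented paths such as `/api/v1/policies` are deliberately not used.

```powershell
# Added example: authenticate to documented Defender for Cloud Apps REST endpoints.
# Assumptions: portal URL, tenant, client ID, secret and token values are placeholders.

function Get-MdaAccessTokenFromAppRegistration {
    # Client-credentials flow for an Azure AD app registration. The scope targets
    # the Defender for Cloud Apps API application ID documented by Microsoft.
    param(
        [Parameter(Mandatory)][string]$TenantId,
        [Parameter(Mandatory)][string]$ClientId,
        [Parameter(Mandatory)][string]$ClientSecret,
        [string]$ResourceAppId = '05a65629-4c1b-48c1-a78b-804c4abdd4af'
    )
    $body = @{
        grant_type    = 'client_credentials'
        client_id     = $ClientId
        client_secret = $ClientSecret
        scope         = "$ResourceAppId/.default"
    }
    $resp = Invoke-RestMethod -Method Post `
        -Uri "https://login.microsoftonline.com/$TenantId/oauth2/v2.0/token" `
        -ContentType 'application/x-www-form-urlencoded' -Body $body
    return $resp.access_token
}

function Invoke-MdaApi {
    # Calls a documented REST path on the tenant's portal URL with either credential type.
    param(
        [Parameter(Mandatory)][string]$PortalUrl,   # e.g. https://contoso.eu2.portal.cloudappsecurity.com (placeholder)
        [Parameter(Mandatory)][string]$Path,        # documented path, e.g. /api/v1/alerts/
        [Parameter(Mandatory)][string]$Token,
        [ValidateSet('ApiToken', 'Bearer')][string]$AuthType = 'ApiToken',
        [ValidateSet('GET', 'POST')][string]$Method = 'GET',
        [hashtable]$Body
    )
    # Portal API tokens use the 'Token' scheme; Azure AD app tokens use 'Bearer'.
    $scheme  = if ($AuthType -eq 'ApiToken') { 'Token' } else { 'Bearer' }
    $params = @{
        Method  = $Method
        Uri     = ($PortalUrl.TrimEnd('/') + $Path)
        Headers = @{ Authorization = "$scheme $Token" }
    }
    if ($Body) {
        $params.ContentType = 'application/json'
        $params.Body        = ($Body | ConvertTo-Json -Depth 10)
    }
    try {
        return Invoke-RestMethod @params
    } catch {
        # Surface the HTTP status: a 401/403 here means the credential or permission is
        # wrong, or the path is not one the service exposes to that credential type.
        $status = $_.Exception.Response.StatusCode.value__
        throw "MDA API call $Method $Path failed with HTTP $status : $($_.ErrorDetails.Message)"
    }
}

# Usage with a portal API token read from the environment (never hard-code secrets):
# $alerts = Invoke-MdaApi -PortalUrl 'https://contoso.eu2.portal.cloudappsecurity.com' `
#     -Path '/api/v1/alerts/' -Token $env:MDA_API_TOKEN -Method POST `
#     -Body @{ filters = @{}; limit = 10 }
#
# Usage with an app registration:
# $bearer = Get-MdaAccessTokenFromAppRegistration -TenantId $env:TENANT_ID `
#     -ClientId $env:CLIENT_ID -ClientSecret $env:CLIENT_SECRET
# $alerts = Invoke-MdaApi -PortalUrl 'https://contoso.eu2.portal.cloudappsecurity.com' `
#     -Path '/api/v1/alerts/' -Token $bearer -AuthType Bearer -Method POST `
#     -Body @{ filters = @{}; limit = 10 }
```

The practical check when a call fails on one tenant but not another is to compare the HTTP status the `catch` block surfaces: a 401 points at the credential (wrong tenant portal URL for the token, expired secret, missing API permission on the app registration), while a path that returns data with a portal token but is refused with a Bearer token is, as the Microsoft reply below explains, an endpoint that is simply not exposed to app registrations.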
3 Replies
- Keith_Fleming
Microsoft
Hi mhmmdrn,
There currently isn't a way to deploy policies in an automated manner.
The endpoints we do support can be found here:
REST API - Microsoft Defender for Cloud Apps | Microsoft Learn
Feel free to add an item and provide your feedback here:
- mhmmdrn (Copper Contributor)
Keith_Fleming, thank you for your answer; actually my question was about the authentication. Which role-based permission should I give to authenticate the app which I created in Azure AD? Should I give the app subscription-level permissions, Contributor, etc.?
By the way, there are some endpoints which are not listed in the official documentation. For example:
- /api/v1/policies >> to get all deployed policies
- /api/v1/policy_templates >> to get all policy templates
- /api/v1/policy/discovery >> to deploy app discovery policies with the POST method, and so on.
These endpoints work as expected. I tried them. But I need assistance in order to authenticate the test tenant to deploy policies using the POST method. I can get the policies with the GET method on the test tenant, but it doesn't allow me to deploy them.
Thank you in advance.
- Keith_Fleming
Microsoft
Hi mhmmdrn,
The reason you're seeing the errors in this case is that these are not supported endpoints.
While there are several undocumented endpoints you can find through various methods, they are reserved for the internal service and not exposed to app registration permissions. This is implemented as part of the service, so adding RBAC permissions or roles won't correct the error here.