Forum Discussion
Can't find Machine.Read.All permissions for Defender for Endpoint API
Hi,
I am trying to access the following https://api.securitycenter.microsoft.com/api/machines via Graph.
The documentation tells me to add the below permissions https://learn.microsoft.com/en-us/microsoft-365/security/defender-endpoint/api/get-machines?view=o365-worldwide
| Application | Machine.Read.All | 'Read all machine profiles' |
| Application | Machine.ReadWrite.All | 'Read and write all machine information' |
I cannot find these permission in Azure under Graph or API's my org uses.
Where can I add these permissions so that I can access this API for reporting purposes?
1 Reply
The Machine.Read.All permissions are under the "WindowsDefenderATP" API. This will provide the access to API endpoint(https://api.securitycenter.microsoft.com/api/machines). We import Defender machine's data into Power BI with Azure app permissions for reporting, this worked for us.
