cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Issue with API of Microsoft Defender for Endpoint

Meetrajsinh
Copper Contributor

‎Jul 11 2022 10:33 AM

‎Jul 11 2022 10:33 AM

Issue with API of Microsoft Defender for Endpoint

Hello team, i tried to access the APIs of Microsoft Defender for Endpoint, but unable to access the APIs, everytime it throws Unautorized status code. I have used application context OAuth Bearer token. Authentication API sends successful response with Access Token, but when tried to use that token to access any API i.e. /api/alerts . It throws Unautorized error. I have also granted the permissions of WindowsDefenderATPI followed this document link: https://docs.microsoft.com/en-us/microsoft-365/security/defender-endpoint/exposed-apis-create-app-we... for registering app. 

Note: The same configurations are working before 2-3 months, we have not changed anything though it’s giving unauthorized status. Let me know if i have to add something here.

2,724 Views
0 Likes
4 Replies
Reply
4 Replies
BillTheKid

‎Jul 11 2022 05:21 PM

‎Jul 11 2022 05:21 PM

Re: Issue with API of Microsoft Defender for Endpoint

Part 6) in the link you have posted. Client secret may have expired, make sure it hasn't.
0 Likes
Reply
Meetrajsinh

‎Jul 11 2022 10:22 PM

‎Jul 11 2022 10:22 PM

Re: Issue with API of Microsoft Defender for Endpoint

I tried with New Secret Key, but receiving same error.
0 Likes
Reply
BillTheKid

‎Jul 12 2022 03:10 PM - edited ‎Jul 12 2022 03:12 PM

‎Jul 12 2022 03:10 PM - edited ‎Jul 12 2022 03:12 PM

Re: Issue with API of Microsoft Defender for Endpoint

When your client secret is fine and you still get unauthorized you might be missing the Admin consent for the permission you requested. Every time you add a permission, you must select Grant consent for the new permission to take effect. Need to be done by Global-Administrator for example, Security-Admin is not enough.

0 Likes
Reply
Meetrajsinh

‎Jul 12 2022 11:11 PM

‎Jul 12 2022 11:11 PM

Re: Issue with API of Microsoft Defender for Endpoint

Yes @BillTheKid,  I already granted consent with an admin account, though it was giving the same error. I don't know how, but since yesterday it was working fine with the same configuration, I have not changed the configurations. Don't know what was the issue :grinning_face_with_sweat:

0 Likes
Reply