Jul 11 2022 10:33 AM
Hello team, i tried to access the APIs of Microsoft Defender for Endpoint, but unable to access the APIs, everytime it throws Unautorized status code. I have used application context OAuth Bearer token. Authentication API sends successful response with Access Token, but when tried to use that token to access any API i.e. /api/alerts . It throws Unautorized error. I have also granted the permissions of WindowsDefenderATP. I followed this document link: https://docs.microsoft.com/en-us/microsoft-365/security/defender-endpoint/exposed-apis-create-app-we... for registering app.
Note: The same configurations are working before 2-3 months, we have not changed anything though it’s giving unauthorized status. Let me know if i have to add something here.
Jul 11 2022 05:21 PM
Jul 11 2022 10:22 PM
Jul 12 2022 03:10 PM - edited Jul 12 2022 03:12 PM
When your client secret is fine and you still get unauthorized you might be missing the Admin consent for the permission you requested. Every time you add a permission, you must select Grant consent for the new permission to take effect. Need to be done by Global-Administrator for example, Security-Admin is not enough.
Jul 12 2022 11:11 PM
Yes @BillTheKid, I already granted consent with an admin account, though it was giving the same error. I don't know how, but since yesterday it was working fine with the same configuration, I have not changed the configurations. Don't know what was the issue 😅