update api to acknowledge previous version

austinmccollum · web-flow · commit 8212a72c2b1f · 2024-05-30T09:17:57.000-05:00
diff --git a/articles/sentinel/upload-indicators-api.md b/articles/sentinel/upload-indicators-api.md
@@ -62,6 +62,18 @@ The resource/scope value is the audience of the token. This API only accepts the
 
 
 ### Assemble the request message
+There were two versions of the legacy API. Depending on the endpoint, a different array name was required in the request body. This was also represented by two versions of the logic app connector action.
+
+:::image type="content" source="media/stix-objects-api/logic-app-sentinel-connector-action-names.png" alt-text="Screenshot of logic app connector action names for Microsoft Sentinel upload indicators API.":::
+
+1. Connector action name: **Threat Intelligence - Upload Indicators of Compromise (Deprecated)**
+   - Endpoint: `https://sentinelus.azure-api.net/{workspaceId}/threatintelligence:upload-indicators`
+   - array of indicators name: `value`
+
+1. Connector action name: **Threat Intelligence - Upload Indicators of Compromise (V2) (Preview)**
+   - Endpoint: `https://sentinelus.azure-api.net/{workspaceId}/threatintelligenceindicators:upload`
+   - array of indicators name: `indicators`
+
 
 #### Request URI 
 API versioning: `api-version=2022-07-01`<br>
@@ -78,7 +90,7 @@ The JSON object for the body contains the following fields:
 |Field name	|Data Type	|Description|
 |---|---|---|
 |SourceSystem (required)| string | Identify your source system name. The value `Microsoft Sentinel` is restricted.|
-|Value (required) | array | An array of indicators in [STIX 2.0 or 2.1 format](https://docs.oasis-open.org/cti/stix/v2.1/cs01/stix-v2.1-cs01.html#_muftrcpnf89v) |
+|indicators (required) | array | An array of indicators in [STIX 2.0 or 2.1 format](https://docs.oasis-open.org/cti/stix/v2.1/cs01/stix-v2.1-cs01.html#_muftrcpnf89v) |
 
 Create the array of indicators using the STIX 2.1 indicator format specification, which has been condensed here for your convenience with links to important sections. Also note some properties, while valid for STIX 2.1, don't have corresponding indicator properties in Microsoft Sentinel.
 
@@ -155,7 +167,7 @@ Approximately 10,000 indicators per minute is the maximum throughput before a th
 ```json
 {
     "sourcesystem": "test", 
-    "value":[
+    "indicators":[
         {
             "type": "indicator",
             "spec_version": "2.1",
