You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: defender-endpoint/api/exposed-apis-create-app-partners.md
+13-12Lines changed: 13 additions & 12 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -89,26 +89,26 @@ The following steps guide you how to create a Microsoft Entra application, get a
89
89
90
90
To determine which permission you need, review the **Permissions** section in the API you want to call. For instance:
91
91
92
-
- To [run advanced queries](run-advanced-query-api.md), select 'Run advanced queries' permission
93
-
- To [isolate a device](isolate-machine.md), select 'Isolate machine' permission
92
+
- To [run advanced queries](run-advanced-query-api.md), select the **Run advanced queries** permission.
93
+
- To [isolate a device](isolate-machine.md), select the **Isolate machine** permission.
94
94
95
-
In the following example we use **'Read all alerts'** permission:
95
+
In the following example we use **Read all alerts** permission:
96
96
97
97
1. Choose **Application permissions**\>**Alert.Read.All** > select on **Add permissions**
98
98
99
99
:::image type="content" source="../media/application-permissions.png" alt-text="The option that allows to add a permission" lightbox="../media/application-permissions.png":::
100
100
101
101
2. Select **Grant consent**
102
102
103
-
-**Note**: Every time you add permission you must select on **Grant consent** for the new permission to take effect.
103
+
- Every time you add permission you must select on **Grant consent** for the new permission to take effect.
104
104
105
105
:::image type="content" source="../media/grant-consent.png" alt-text="The option that allows consent to be granted" lightbox="../media/grant-consent.png":::
106
106
107
107
3. Add a secret to the application.
108
108
109
109
- Select **Certificates & secrets**, add description to the secret and select **Add**.
110
110
111
-
**Important**: After you select **Add**, make sure to copy the generated secret value. You won't be able to retrieve it after you leave!
111
+
After you select **Add**, make sure to copy the generated secret value. You won't be able to retrieve it after you leave!
@@ -142,7 +142,7 @@ In the following example we use **'Read all alerts'** permission:
142
142
143
143
## Get an access token example
144
144
145
-
**Note:**To get access token on behalf of your customer, use the customer's tenant ID on the following token acquisitions.
145
+
To get access token on behalf of your customer, use the customer's tenant ID on the following token acquisitions.
146
146
147
147
For more information on Microsoft Entra token, see [Microsoft Entra tutorial](/azure/active-directory/develop/active-directory-v2-protocols-oauth-client-creds).
148
148
@@ -240,21 +240,22 @@ Confirm you received a correct token.
240
240
241
241
1. Copy/paste into [JWT](https://jwt.ms) the token you get in the previous step in order to decode it.
242
242
243
-
2. Confirm you get a 'roles' claim with the desired permissions.
243
+
2. Confirm you get a roles claim with the appropriate permissions.
244
244
245
245
In the following screenshot, you can see a decoded token acquired from an Application with multiple permissions to Microsoft Defender for Endpoint:
## Use the token to access Microsoft Defender for Endpoint API
252
253
253
254
1. Choose the API you want to use. For more information, see [Supported Microsoft Defender for Endpoint APIs](exposed-apis-list.md).
254
255
255
-
2. Set the Authorization header in the Http request you send to "Bearer {token}" (Bearer is the Authorization scheme). The Expiration time of the token is 1 hour (you can send more than one request with the same token).
256
+
2. Set the Authorization header in the Http request you send to `Bearer {token}` (Bearer is the Authorization scheme). The Expiration time of the token is one hour (you can send more than one request with the same token).
256
257
257
-
Here's an example of sending a request to get a list of alerts **using C#**
258
+
Here's an example of sending a request to get a list of alerts using C#:
0 commit comments