Share via

Inquiry About Accessing Multi-Tenant Alerts and Incidents via API

Nicholas Lim 0 Reputation points
2024-07-25T23:35:17.0633333+00:00

I am currently working on integrating Microsoft Defender with our system and have encountered an issue. In the Multi-Tenant Management portal, I can view multi-tenant alerts and incidents without any problems. However, I am unable to access the same information through the Graph API or any other API.

I have created an app registration in my Azure tenancy as a multi-tenant application, and use this to call the Graph API alerts and incidents, however only information from one tenant is returned, rather than multi-tenant.

Could you please clarify if there's a specific API, such as the Graph API or a dedicated Defender API, that allows querying multi-tenant alerts and incidents?

Microsoft Graph
Microsoft Graph
A Microsoft programmability model that exposes REST APIs and client libraries to access data on Microsoft 365 services.
12,265 questions
Microsoft Defender for Cloud
Microsoft Defender for Cloud
An Azure service that provides threat protection for workloads running in Azure, on-premises, and in other clouds. Previously known as Azure Security Center and Azure Defender.
1,411 questions

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.