API response query "https://graph.microsoft.com/v1.0/security/secureScores"

Riya Lamba 21 Reputation points
2023-01-10T08:45:31.537+00:00

I am using this API "https://graph.microsoft.com/v1.0/security/secureScores" this API only needs authorization token. I am getting the response as below { "@odata.context": "https://graph.microsoft.com/v1.0/$metadata#security/secureScores", "value": [ { "id": "a28016a7-6135-43f2-8ea0-37ada6ae567c_2023-01-10", "azureTenantId": "a28016a7-6135-43f2-8ea0-37ada6ae567c", "activeUserCount": 17, "createdDateTime": "2023-01-10T00:00:00Z", "currentScore": 342.94, "enabledServices": [ "HasAADP1", "HasAADP2", "HasCASD", "HasMDEP2" ], "licensedUserCount": 29, "maxScore": 863.0, "vendorInformation": { "provider": "SecureScore", "providerVersion": null, "subProvider": null, "vendor": "Microsoft" }, "averageComparativeScores": [ { "basis": "AllTenants", "averageScore": 47.96, "appsScore": 28.74, "appsScoreMax": 83.33, "dataScore": 0.59, "dataScoreMax": 4.38, "deviceScore": 10.45, "deviceScoreMax": 19.92, "identityScore": 34.94, "identityScoreMax": 61.23, "infrastructureScore": 0.0, "infrastructureScoreMax": 0.0 }, { "basis": "TotalSeats", "averageScore": 46.77, "SeatSizeRangeLowerValue": "1", "SeatSizeRangeUpperValue": "100", "appsScore": 29.72, "appsScoreMax": 89.13, "dataScore": 0.58, "dataScoreMax": 4.72, "deviceScore": 7.19, "deviceScoreMax": 13.78, "identityScore": 34.88, "identityScoreMax": 61.1, "infrastructureScore": 0.0, "infrastructureScoreMax": 0.0 } ], "controlScores": [ { "controlCategory": "Identity", "controlName": "RoleOverlap", "description": "Ensure that your administrators can accomplish their work with the least amount of privilege assigned to their account. Assigning users roles like Password Administrator or Exchange Online Administrator, instead of Global Administrator, reduces the likelihood of a global administrative privileged account being breached.", "score": 1.0, "count": "2", "scoreInPercentage": 100.0, "controlState": "active", "IsApplicable": "true", "lastSynced": "2023-01-09T00:00:00Z", "implementationStatus": "You have 2 users with least privileged administrative roles.", "IsEnforced": "false" }, { "controlCategory": "Identity", "controlName": "UserRiskPolicy", "description": "With the user risk policy turned on, Azure Active Directory detects the probability that a user account has been compromised. As an administrator, you can configure a user risk Conditional Access policy to automatically respond to a specific user risk level. For example, you can block access to your resources or require a password change to get a user account back into a clean state.", "score": 0.0, "count": "17", "scoreInPercentage": 0.0, "controlState": "active", "IsApplicable": "true", "lastSynced": "2023-01-09T00:00:00Z", "implementationStatus": "You have 17 users out of 17 that do not have user risk policy enabled.", "IsEnforced": "false", "total": "17" }

Note Previously this has one key State and now this is missing in the response . Is there any other API which consist of State or Status corresponding to "controlName": "UserRiskPolicy" this or other

Microsoft Graph Explorer API
Azure Active Directory
Azure Active Directory
An Azure enterprise identity service that provides single sign-on and multi-factor authentication.
12,725 questions
No comments
{count} votes

Accepted answer
  1. SaranyaMadhu-MSFT 306 Reputation points Microsoft Employee
    2023-01-10T17:55:31.75+00:00

    Hello @Riya Lamba ,

    Based on my investigation, SecureScore Graph API does not have any property State as per the documentation, please find the screenshot with all the properties available in SecureScore https://learn.microsoft.com/en-us/graph/api/resources/securescore?view=graph-rest-1.0#properties

    ![278009-image.png From my findings, I was able to identify State property under SecureScoreControlStateUpdate, please look this if this is helpful. https://learn.microsoft.com/en-us/graph/api/securescorecontrolprofile-update?view=graph-rest-1.0&tabs=http#request-body 278010-image.png

    Hope this helps.

    If the answer is helpful, please click Accept Answer and kindly upvote it. If you have any further questions about this answer, please click Comment.

    No comments

2 additional answers

Sort by: Most helpful
  1. Riya Lamba 21 Reputation points
    2023-01-11T07:07:10.3933333+00:00

    On which basis we calculate the status ??

    No comments

  2. Riya Lamba 21 Reputation points
    2023-01-11T07:08:43.37+00:00

    On the UI i am able to see the Status As Complete To Address. Does Points Achieved is somehow impacting Status ??

    In the API response i am able to see one parameter
    "scoreInPercentage": 100.0,
    what does this means. ??

    No comments