I am using this API "https://graph.microsoft.com/v1.0/security/secureScores" this API only needs authorization token. I am getting the response as below
{
"@odata.context": "https://graph.microsoft.com/v1.0/$metadata#security/secureScores",
"value": [
{
"id": "a28016a7-6135-43f2-8ea0-37ada6ae567c_2023-01-10",
"azureTenantId": "a28016a7-6135-43f2-8ea0-37ada6ae567c",
"activeUserCount": 17,
"createdDateTime": "2023-01-10T00:00:00Z",
"currentScore": 342.94,
"enabledServices": [
"HasAADP1",
"HasAADP2",
"HasCASD",
"HasMDEP2"
],
"licensedUserCount": 29,
"maxScore": 863.0,
"vendorInformation": {
"provider": "SecureScore",
"providerVersion": null,
"subProvider": null,
"vendor": "Microsoft"
},
"averageComparativeScores": [
{
"basis": "AllTenants",
"averageScore": 47.96,
"appsScore": 28.74,
"appsScoreMax": 83.33,
"dataScore": 0.59,
"dataScoreMax": 4.38,
"deviceScore": 10.45,
"deviceScoreMax": 19.92,
"identityScore": 34.94,
"identityScoreMax": 61.23,
"infrastructureScore": 0.0,
"infrastructureScoreMax": 0.0
},
{
"basis": "TotalSeats",
"averageScore": 46.77,
"SeatSizeRangeLowerValue": "1",
"SeatSizeRangeUpperValue": "100",
"appsScore": 29.72,
"appsScoreMax": 89.13,
"dataScore": 0.58,
"dataScoreMax": 4.72,
"deviceScore": 7.19,
"deviceScoreMax": 13.78,
"identityScore": 34.88,
"identityScoreMax": 61.1,
"infrastructureScore": 0.0,
"infrastructureScoreMax": 0.0
}
],
"controlScores": [
{
"controlCategory": "Identity",
"controlName": "RoleOverlap",
"description": "Ensure that your administrators can accomplish their work with the least amount of privilege assigned to their account. Assigning users roles like Password Administrator or Exchange Online Administrator, instead of Global Administrator, reduces the likelihood of a global administrative privileged account being breached.",
"score": 1.0,
"count": "2",
"scoreInPercentage": 100.0,
"controlState": "active",
"IsApplicable": "true",
"lastSynced": "2023-01-09T00:00:00Z",
"implementationStatus": "You have 2 users with least privileged administrative roles.",
"IsEnforced": "false"
},
{
"controlCategory": "Identity",
"controlName": "UserRiskPolicy",
"description": "With the user risk policy turned on, Azure Active Directory detects the probability that a user account has been compromised. As an administrator, you can configure a user risk Conditional Access policy to automatically respond to a specific user risk level. For example, you can block access to your resources or require a password change to get a user account back into a clean state.",
"score": 0.0,
"count": "17",
"scoreInPercentage": 0.0,
"controlState": "active",
"IsApplicable": "true",
"lastSynced": "2023-01-09T00:00:00Z",
"implementationStatus": "You have 17 users out of 17 that do not have user risk policy enabled.",
"IsEnforced": "false",
"total": "17"
}
Note Previously this has one key State and now this is missing in the response . Is there any other API which consist of State or Status corresponding to "controlName": "UserRiskPolicy" this or other
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(246.4, 15%, 33%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ERL%3C/text%3E%3C/svg%3E)
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(128, 8%, 22%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EA%3C/text%3E%3C/svg%3E)
From my findings, I was able to identify State property under SecureScoreControlStateUpdate, please look this if this is helpful.
https://learn.microsoft.com/en-us/graph/api/securescorecontrolprofile-update?view=graph-rest-1.0&tabs=http#request-body
