Migrating Microsoft Graph API alerts_v1 to alerts_v2

Gabe 0 Reputation points
2023-05-03T14:25:38.96+00:00

Without given code

I work for a company that is looking to switch from using Microsoft Graph API alerts_v1 to alerts_v2.

I have developed a script that works successfully for the v1 version. However, the script that I built for the v2 version doesn't fully work; I encounter an authentication error that occurs during the testing phase.

The error message indicates that the application is missing certain application roles that are necessary for the API to operate correctly. These required roles include SecurityAlert.Read.All, SecurityAlert.ReadWrite.All, SecurityIncident.Read.All, SecurityIncident.ReadWrite.All, as well as application roles like SecurityActions.ReadWrite.All, SecurityEvents.Read.All, ThreatIndicators.ReadWrite.OwnedBy, SecurityEvents.ReadWrite.All, SecurityActions.Read.All, and AuditLog.Read.All.

I have been unable to find any helpful information about why these roles are necessary through online searches, and I am hoping someone can provide me with more guidance on this issue.

Output of the script that was run:

{"error":{"code":"Forbidden","message":"Missing application roles. API required roles: SecurityAlert.Read.All,SecurityAlert.ReadWrite.All,SecurityIncident.Read.All,SecurityIncident.ReadWrite.All, application roles: SecurityActions.ReadWrite.All,SecurityEvents.Read.All,ThreatIndicators.ReadWrite.OwnedBy,SecurityEvents.ReadWrite.All,SecurityActions.Read.All,AuditLog.Read.All.","innerError":{"date":"2023-05-03T11:51:41","request-id":"11111-11111-11111-1111","client-request-id":"111111-111111-1111111-11111"}}}
[{'ERROR': 403}]

In an attempt to resolve the authentication error that occurs when testing the Microsoft Graph API alerts_v2 with a script that previously worked for alerts_v1, I have tried testing different parts of the script to see if I can gather more information. I was hoping to find some useful output that could help me configure the config file for the tenant ID, among other things.

Additionally, I have conducted extensive online searches to learn more about the migration process and the alerts_v2 functionality, as the Microsoft documentation for the Graph API can be difficult to navigate. Unfortunately, my efforts have not yielded any helpful information so far.

My primary goal is to gain a better understanding of why the application requires such extensive permissions and how I might be able to prevent this from happening in the future to ensure the application works as a whole.


1 answer

  1. TH-4749-MSFT 3,290 Reputation points
    2023-05-03T17:37:56.6333333+00:00

    Hi Gabe,

    Thanks for reaching out. According to the List Alerts v2 documentation, the following permissions are required to call this API.

    Delegated (work or school account): SecurityAlert.Read.All, SecurityAlert.ReadWrite.All
    Application: SecurityAlert.Read.All, SecurityAlert.ReadWrite.All

    I was able to reproduce the issue. I would suggest posting your comments and feedback on the Microsoft Graph Feedback portal or opening a support ticket for further troubleshooting.

    Thanks.
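
An added diagnostic example, not part of the original thread and not Microsoft's code: it splits the 403 message posted in the question into the roles the API accepts and the roles the application presented, and reads the `roles` claim of an access token so the two sets can be compared before retrying. It assumes the list after "application roles:" reflects the roles carried in the app's token; all function names are hypothetical.

```python
import base64
import json
import re

# 403 body as posted in the question (ids omitted; message text unchanged).
SAMPLE_403 = json.dumps({"error": {"code": "Forbidden", "message": (
    "Missing application roles. API required roles: SecurityAlert.Read.All,"
    "SecurityAlert.ReadWrite.All,SecurityIncident.Read.All,"
    "SecurityIncident.ReadWrite.All, application roles: "
    "SecurityActions.ReadWrite.All,SecurityEvents.Read.All,"
    "ThreatIndicators.ReadWrite.OwnedBy,SecurityEvents.ReadWrite.All,"
    "SecurityActions.Read.All,AuditLog.Read.All.")}})


def _roles(csv: str) -> set:
    return {r.strip() for r in csv.split(",") if r.strip()}


def parse_forbidden(body: str):
    """Return (roles the API accepts, roles the app presented) from a 403 body.

    Assumption: the list after 'application roles:' is what the token carried.
    """
    message = json.loads(body)["error"]["message"]
    m = re.search(r"API required roles:\s*(.*?),\s*application roles:\s*(.*?)\.?$",
                  message)
    if m is None:
        raise ValueError("unexpected 403 message format")
    return _roles(m.group(1)), _roles(m.group(2))


def token_roles(access_token: str) -> set:
    """Read the 'roles' claim of a JWT for diagnosis; the signature is NOT verified."""
    payload = access_token.split(".")[1]
    payload += "=" * (-len(payload) % 4)  # restore stripped base64url padding
    return set(json.loads(base64.urlsafe_b64decode(payload)).get("roles", []))


def usable_roles(accepted: set, granted: set) -> set:
    """Roles that would authorize the call; empty means the 403 is expected."""
    return accepted & granted


if __name__ == "__main__":
    accepted, granted = parse_forbidden(SAMPLE_403)
    print("accepted by API:", sorted(accepted))
    print("held by app:    ", sorted(granted))
    print("overlap:        ", sorted(usable_roles(accepted, granted)) or "none")
```

An empty overlap means none of the roles the app holds is one the alerts_v2 endpoint accepts, so an admin still has to grant one of the accepted application permissions; SecurityAlert.Read.All is the read-only one named in the answer above.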