Setting a Microsoft 365 alert programmatically using Graph API

L Barrera 20 Reputation points
2023-05-16T15:04:03.5433333+00:00

I'm trying to create al alert that tell me when a connection is attempted from certain e-mail addresses.

$newAlert = Invoke-RestMethod -Uri $alertUrl -Method Post -Headers $authHeader -Body $alertBody

I got the following error: (token and all parameters seem to be OK)

Invoke-RestMethod: {"error":{"code":"","message":"POST is not supported"...

Thus, it seems that the GRAPH api does not allow to set such alert. Or there might be another cause?

Microsoft 365
Microsoft 365
Formerly Office 365, is a line of subscription services offered by Microsoft which adds to and includes the Microsoft Office product line.
4,130 questions
Microsoft Graph
Microsoft Graph
A Microsoft programmability model that exposes REST APIs and client libraries to access data on Microsoft 365 services.
11,116 questions
PowerShell
PowerShell
A family of Microsoft task automation and configuration management frameworks consisting of a command-line shell and associated scripting language.
2,234 questions
0 comments No comments
{count} votes

Accepted answer
  1. Vasil Michev 98,281 Reputation points MVP
    2023-05-17T07:26:25.16+00:00

    Which endpoint are you trying to use, it's not clear from your example? If you are trying to use the /security/alerts_v2 one, that's indeed the expected behavior, no POST method therein.

    If the idea is to generate some sort of notification when a specific user is logging in, you can use Activity alerts/Defender for Cloud apps activity policies: https://learn.microsoft.com/en-us/defender-cloud-apps/control-cloud-apps-with-policies

    1 person found this answer helpful.

0 additional answers

Sort by: Most helpful