saying unauthorized.

91872652 0 Reputation points

We have started to get a number of false positives in Quarantine this last week. We have not changed anything but the basic answer I got from MSoft is - "good luck". These are not merely from external, but internal non-triggering emails and even notifications from Defender itself. It does not even recognize itself!

I suspect they may have meant to turn on Artificial Intelligence, but turned on Artificial Stupidity instead.

I have discovered I am not the only one this is happening to but for now, until MSoft realizes this is a problem and addresses it on their end, our solution would be to have a list of all quarantined items emailed to our IT staff to scan over.

Yes, btw, I do know there is a powershell that can do that (to head off that response) but we wanted to explore using the Graph API.

The query is a beta - GET but when I run it I get a 401 Unauthorized. I have approved the required permissions, both in the API Explorer and in Entra, but still get that response. Also, I am a Global Admin in this account.

Am I missing something or is this a case of - it's just broken?



Microsoft 365
Microsoft 365
Formerly Office 365, is a line of subscription services offered by Microsoft which adds to and includes the Microsoft Office product line.
2,674 questions
Microsoft Graph
Microsoft Graph
A Microsoft programmability model that exposes REST APIs and client libraries to access data on Microsoft 365 services.
9,128 questions
0 comments No comments
{count} votes