Have you confirmed the API works in https://developer.microsoft.com/en-us/graph/graph-explorer , try https://graph.microsoft.com/beta/security/tiIndicators followed by your api to see if access is working.
MDTI-Automated-Triage problems
WARNING! There was an error parsing the document
Hello, I set up MDTI-Automated-Triage playbook via MiMicrosoft Defender Threat Intelligence.
But It does not work well. I attached error message at the bottom.
<Status>
1. I add "Microsoft Sentinel Contributor" role at MDTI-Base and MDTI-Automated-Triage Logic Apps
1. I set up "MDTI-Base" Logic Apps
1. I set up app that "ThreatIntelligence.Read.All" API Permissions
![User's image](/api/attachments/69332d45-2fda-4f4d-81dd-be9afec0f9f4?platform=QnA)
Error message
![User's image](/api/attachments/004bd118-7ec9-4d13-b9b3-ff71da4a2a88?platform=QnA)
```json
{
"error": {
"code": "UnknownError",
"message": "{\"message\":\"Unable to retrieve organization data from Graph.\",\"requestID\":\"1435d451-092b-460b-\",\"error\":\"true\",\"status\":0}",
"innerError": {
"date": "2024-01-12T06:27:20",
"request-id": "555ee5fe-ac89b",
"client-request-id": "555ee5fe-ac89"
}
}
}
3 answers
Sort by: Most helpful
-
-
mara7 161 Reputation points
2024-01-15T01:24:09.8066667+00:00 I think, Its reason is that I have no premium License.
Is it Right?
---Hello, I tried https://graph.microsoft.com/beta/security/threatIntelligence/hosts('hostIP')/reputation at https://developer.microsoft.com/en-us/graph/graph-explorer But I got this result.
I just follow https://github.com/microsoftgraph/microsoft-graph-docs-contrib/blob/main/api-reference/beta/api/security-host-get.md this docs. But I don't know Why do I got this result.
-
Shweta Mathur 27,456 Reputation points Microsoft Employee
2024-01-18T09:09:12.9+00:00 @mara7
You need to sign in to Graph Explorer first to authenticate your account. Once you will sign in, you will see a pop up asking for consent to use some basic API and Graph Explorer will able to access data from your organization/tenant.Then you need to provide ThreatIntelligence.Read.All permissions to Graph Explorer to get data using this API by clicking on Consent to permissions
Once consent has been provided, you can try to access to below API link https://graph.microsoft.com/beta/security/threatIntelligence/hosts('hostIP')/reputation Hope this will help.
Thanks,
Shweta