I built a script to try call Windows Defender https://api.security.microsoft.com/api/alerts API. i was able to retrieve a JWT but when i tried to hit the api end point i kept getting below error.
{ "error": { "code": "Unauthorized", "message": "Unauthorized request - No active license found", "target": "|3defab3c-436edc959eec30d4." } }
I confirmed that my org has Windows Defender Plan 2 and the registered APP has the correct permission to call alerts API endpoint.
Any helps / suggestions will be greatly appreciated