Microsoft Security | Microsoft Graph
An API that connects multiple Microsoft services, enabling data access and automation across platforms
Intermittent 403 "UnknownError" from Microsoft Graph Security Alerts API
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(80, 79%, 17%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EF%3C/text%3E%3C/svg%3E)
fs
5
Reputation points
We are using the Microsoft Graph API (/security/alerts) to ingest security alerts. Our clients set up a Microsoft Entra ID app with SecurityEvents.Read.All permissions, and we use access tokens to fetch the alerts on their behalf.
Lately, some integrations have been intermittently receiving 403 errors with the response code "UnknownError". This issue is inconsistent, affecting only some customers, and seems to resolve itself for 12 hours before returning again.
We've confirmed that the permissions are correct and we're not hitting rate limits. Has anyone else seen this behavior, or know what could be causing it?
Microsoft Security | Microsoft Graph
{count} votes
-
CarlZhao-MSFT 46,406 Reputation points2024-10-30T10:24:05.6+00:00 Hi @fs
This looks like an unknown API error. I recommend you open a support ticket to confirm the cause of the issue with the Microsoft Support team.
Sign in to comment
Sign in to answer