Microsoft Defender for Endpoint for US Government customers

itay4 36 Reputation points
2024-11-13T16:35:30.6433333+00:00

Hi, are these endpoints still relevant? I'm having issues configuring them with GCC High.
https://learn.microsoft.com/en-us/defender-endpoint/gov#api

Microsoft Defender for Cloud
Microsoft Defender for Cloud
An Azure service that provides threat protection for workloads running in Azure, on-premises, and in other clouds. Previously known as Azure Security Center and Azure Defender.
1,434 questions
{count} votes

1 answer

Sort by: Most helpful
  1. itay4 36 Reputation points
    2024-11-17T14:54:02.2+00:00

    Hi @Givary-MSFT
    How can I generate the authorization code for this API when using GCC High? Currently, I generate it as follows:

    https://login.microsoftonline.us/{client.tenant_id}/oauth2/v2.0/authorize?response_type=code&scope=offline_access%20https://securitycenter.onmicrosoft.us/windowsatpservice/.default&client_id={client.client_id}&redirect_uri={client.redirect_uri}
    

    However, I am encountering the following error:

    error=invalid_resource&error_description=AADSTS500011: The resource principal named https://securitycenter.onmicrosoft.us/x was not found in the tenant named x This can happen if the application has not been installed by the administrator of the tenant or consented to by any user in the tenant. You might have sent your authentication request to the wrong tenant.

    Trace ID: e87d1078-4966-4a0a-a48f-d7b92a904d01 Correlation ID: 74c2b37b-da83-4f9b-b2ab-8e198952247b

    Could you help check this?Additionally, is it possible that my organization does not allow the use of authorization code flow in GCC High? How can I verify this?

    Thanks.

    0 comments No comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.