Generate block script - Cloud Discovery API

Note

• We've renamed Microsoft Cloud App Security. It's now called Microsoft Defender for Cloud Apps. In the coming weeks, we'll update the screenshots and instructions here and in related pages. For more information about the change, see this announcement. To learn more about the recent renaming of Microsoft security services, see the Microsoft Ignite Security blog.

• Microsoft Defender for Cloud Apps is now part of Microsoft 365 Defender. The Microsoft 365 Defender portal allows security admins to perform their security tasks in one location. This will simplify workflows, and add the functionality of the other Microsoft 365 Defender services. Microsoft 365 Defender will be the home for monitoring and managing security across your Microsoft identities, data, devices, apps, and infrastructure. For more information about these changes, see Microsoft Defender for Cloud Apps in Microsoft 365 Defender.

Note

This request is not available for Office 365 Cloud App Security.

Run the GET request to get a block script for your network appliance.

HTTP request

GET /api/discovery_block_scripts/

Request URL parameters

Parameter	Description
format	The format of the network appliance.

The following formats are currently supported:

Appliance	Format
BlueCoat ProxySG	102
Cisco ASA	104
Fortinet FortiGate	108
Juniper SRX	129
Palo Alto	112
Websense	135
Zscaler	120

Note

If you can't find your appliance, generate a block script manually using the portal.

Response

This request returns the block script as text.

Example

Request

Here is an example of the request.

curl -XGET -H "Authorization:Token <your_token_key>" "https://<tenant_id>.<tenant_region>.contoso.com/api/discovery_block_scripts/?format=102&type=banned"

Response

url.domain=application.com deny
url.domain=application.be deny
url.domain=application.co deny

If you run into any problems, we're here to help. To get assistance or support for your product issue, please open a support ticket.