Use the Microsoft Graph threat assessment API
The Microsoft Graph threat assessment API helps organizations to assess the threat received by any user in a tenant. This empowers customers to report spam emails, phishing URLs or malware attachments they receive to Microsoft. The policy check result and rescan result can help tenant administrators understand the threat scanning verdict and adjust their organizational policy.
Authorization
Microsoft Graph controls access to resources via permissions. You must specify the permissions you need in order to access threat assessment resources. Typically, you specify permissions in the Microsoft Entra admin center. For more information, see Microsoft Graph permissions reference and Threat assessment permissions.
Common use cases
The Microsoft Graph threat assessment API provides methods to list, create, and get threat assessment requests and retrieve the assessment results.
| Use cases | REST resources | See also |
|---|---|---|
| List, create, and get threat assessment requests | threatAssessmentRequest mailAssessmentRequest emailFileAssessmentRequest fileAssessmentRequest urlAssessmentRequest |
Create threatAssessmentRequest Get threatAssessmentRequest List threatAssessmentRequest |
| Get threat assessment results | threatAssessmentResult | Get threatAssessmentResult |
Next steps
Threat assessment resources and APIs can open up new ways for you to engage with users and manage their experiences with Microsoft Graph. To learn more:
- Drill down on the methods, properties, and relationships of the threat assessment request and threat asessment result resources.
- Try the API in the Graph Explorer.