API Explorer

Applies to:

The Microsoft Defender for Endpoint API Explorer is a tool that helps you explore various Defender for Endpoint APIs interactively.

The API Explorer makes it easy to construct and do API queries, test, and send requests for any available Defender for Endpoint API endpoint. Use the API Explorer to take actions or find data that might not yet be available through the user interface.

The tool is useful during app development. It allows you to perform API queries that respect your user access settings, reducing the need to generate access tokens.

You can also use the tool to explore the gallery of sample queries, copy result code samples, and generate debug information.

With the API Explorer, you can:

  • Run requests for any method and see responses in real-time.
  • Quickly browse through the API samples and learn what parameters they support.
  • Make API calls with ease; no need to authenticate beyond the management portal signin.

Access API Explorer

From the left navigation menu, select Partners & APIs > API Explorer.

Supported APIs

API Explorer supports all the APIs offered by Defender for Endpoint.

The list of supported APIs is available in the APIs documentation.

Get started with the API Explorer

  1. In the left pane, there's a list of sample requests that you can use.
  2. Follow the links and click Run query.

Some of the samples may require specifying a parameter in the URL, for example, {machine- ID}.

FAQ

Do I need to have an API token to use the API Explorer?
Credentials to access an API aren't needed. The API Explorer uses the Defender for Endpoint management portal token whenever it makes a request.

The logged-in user authentication credential is used to verify that the API Explorer is authorized to access data on your behalf.

Specific API requests are limited based on your RBAC privileges. For example, a request to "Submit indicator" is limited to the security admin role.

Tip

Do you want to learn more? Engage with the Microsoft Security community in our Tech Community: Microsoft Defender for Endpoint Tech Community.