Reputation: 736
Ingesting Office 365 Alerts with Graph Security API: Set permissions in Azure AD
I'm trying to help someone to ingest Office 365 Alerts with the Graph Security API. This requires SecurityEvents.ReadAll as minimum permission. The docs mention that the permission setting is done in the Microsoft Graph API Explorer (see e.g. this blog). However, the account admin insists on setting the permissions using Azure AD. The question is how that is actually done. Azure AD / Enterprise Applications / Graph Explorer apparently doesn’t list any permissions. Would anyone know how to achieve this?
Many thanks!
Upvotes: 0
Views: 651
Answers (1)
Reputation: 16458
If you want to test Graph Security API in Microsoft Graph Explorer, your just need to set SecurityEvents.Read.All in Microsoft Graph Explorer.
If you want to call Graph Security API in your app, you should set SecurityEvents.Read.All in the app registered on Azure portal.
You could refer to Authentication and authorization basics for Microsoft Graph to learn more about how to handle the permissions and authorization to call Microsoft Graph API.
Upvotes: 2
Related Questions
- Graph API permission for non-admin
- MSI Permissions for Graph API
- Azure API permissions for Graph API
- API Permission Status not granted warning in Azure AD Application API Permission
- Microsoft Graph API Permissions
- Why doesn't my Azure Active Directory auth token contain permissions for MS Graph?
- Azure AD application permission with scopping
- Azure Active directory API permissions
- Pulling Azure Security data into Power BI Desktop using Graph Security API: How to set permissions in Azure AD
- Microsoft Graph API Permissions for non-admins?