samuel2120
Copper Contributor
Sep 13, 2024

Microsoft Defender "XDR" endpoint API Access (PowerShell Script)

Hi Everyone,

We are trying to access different parts of Microsoft Defender.

More precisely, Endpoint after the XDR integration.

We want to be able to get the different Permission Roles and Device Groups created.

Also, the list of all advanced features and whether they are enabled or not.

We want to be able to get information like this

The thing is, we tried in a lot of ways and could not find documentation about this precise request.

We tried with Graph API and REST API.

Always got error 401 (No permission).

Could it be that those APIs are private APIs from Microsoft?

https://security.microsoft.com/apiproxy/mtp/rbacManagementApi/rbac/user_roles

https://security.microsoft.com/apiproxy/mtp/rbacManagementApi/rbac/machine_groups

https://security.microsoft.com/apiproxy/mtp/settings/GetAdvancedFeaturesSetting

  • AndrePKI
    Iron Contributor
    I was trying similar things, by reverse engineering what happens in the browser. I am able to authenticate, but still Error 500. I guess that's because my headers and/or cookies are not right.
    I am afraid these are proprietary API calls for MSFT internal use, not published, therefore not usable by people like you and me.
    • samuel2120
      Copper Contributor
      Hi Andre,
      I think you are right. Thank you for taking the time to test.
