1

We were able to get 67 control details out of 100 controls using https://graph.microsoft.com/beta/security/secureScores graph API. The remaining 33 control details are not reflecting in API response, Is there any reason why these details are not in response? Or is there any specific permission required to get all 100 control details?

Below is the list of control names which we were not getting in API response data:

enter image description here

Himalay Kondekar
  • 146
  • 14
  • 1
    The api is beta. Maybe the PG won't want to support the 33 controls or still in developing. For permission: SecurityEvents.Read.All, SecurityEvents.ReadWrite.All. – Seiya Su Nov 29 '18 at 02:41
  • @SeiyaSu Thanks for the confirmation, I have granted right permissions to Azure AD application. And that's true, this is beta API but is there any other way to score these 33 controls/Actions? – Himalay Kondekar Nov 30 '18 at 05:47
  • I think the answer is no. Just as I have pointed above, maybe the PG won't plan to or still in developing the other controls/actions. I cannot found any official state for this now. Or we can research the azure docs, to see if have some api which Graph have not supported – Seiya Su Nov 30 '18 at 05:53

1 Answers1

1

All the controls are available via https://graph.microsoft.com/beta/security/secureScoreControlProfiles. Any controls not available via https://graph.microsoft.com/beta/security/secureScores but you can find in the secureScoreControlProfiles entity, you can assume the score is 0.

Jeff Sun
  • 11
  • 1