0

I'm trying to help someone to ingest Office 365 Alerts with the Graph Security API. This requires SecurityEvents.ReadAll as minimum permission. The docs mention that the permission setting is done in the Microsoft Graph API Explorer (see e.g. this blog). However, the account admin insists on setting the permissions using Azure AD. The question is how that is actually done. Azure AD / Enterprise Applications / Graph Explorer apparently doesn’t list any permissions. Would anyone know how to achieve this?

Many thanks!

Marc LaFleur
  • 31,987
  • 4
  • 37
  • 63
Andreas
  • 716
  • 4
  • 14

1 Answers1

2

If you want to test Graph Security API in Microsoft Graph Explorer, your just need to set SecurityEvents.Read.All in Microsoft Graph Explorer. enter image description here

If you want to call Graph Security API in your app, you should set SecurityEvents.Read.All in the app registered on Azure portal. enter image description here

You could refer to Authentication and authorization basics for Microsoft Graph to learn more about how to handle the permissions and authorization to call Microsoft Graph API.

Allen Wu
  • 15,529
  • 1
  • 9
  • 20