Supported Microsoft Defender XDR APIs
Applies to:
- Microsoft Defender XDR
Note
Try our new APIs using MS Graph security API. Find out more at: Use the Microsoft Graph security API - Microsoft Graph | Microsoft Learn.
Important
Some information relates to prereleased product which may be substantially modified before it's commercially released. Microsoft makes no warranties, express or implied, with respect to the information provided here.
List of available APIs
Article | Description |
---|---|
Advanced Hunting API | Run Advanced Hunting queries. |
Incident APIs | List and update incidents, along with other practical tasks. |
Streaming API | Ship real-time events and alerts as they occur in a single data stream. |
Endpoint URIs
The base URI for both of the main APIs is: https://api.security.microsoft.com. For better performance, use a server closer to your geolocation:
- The United States: api-us.security.microsoft.com
- Europe: api-eu.security.microsoft.com
- The United Kingdom: api-uk.security.microsoft.com
Tokens can be acquired by accessing https://api.security.microsoft.com.
All APIs along the /api
path use the OData Protocol; for example, https://api.security.microsoft.com/api/incidents.
Related articles
Tip
Do you want to learn more? Engage with the Microsoft Security community in our Tech Community: Microsoft Defender XDR Tech Community.
피드백
https://aka.ms/ContentUserFeedback
출시 예정: 2024년 내내 콘텐츠에 대한 피드백 메커니즘으로 GitHub 문제를 단계적으로 폐지하고 이를 새로운 피드백 시스템으로 바꿀 예정입니다. 자세한 내용은 다음을 참조하세요.다음에 대한 사용자 의견 제출 및 보기