Skip to content

serviceprincipalriskdetection-get.md

Latest commit

 

History

History
137 lines (110 loc) · 5.12 KB

serviceprincipalriskdetection-get.md

File metadata and controls

137 lines (110 loc) · 5.12 KB
title Get servicePrincipalRiskDetection
description Read the properties and relationships of a servicePrincipalRiskDetection object.
author ebasseri
ms.localizationpriority medium
ms.subservice entra-sign-in
doc_type apiPageType
ms.date 10/17/2024

Get servicePrincipalRiskDetection

Namespace: microsoft.graph

[!INCLUDE beta-disclaimer]

Read the properties and relationships of a servicePrincipalRiskDetection object.

Note: You must have a Microsoft Entra Workload ID Premium license to use the servicePrincipalRiskDetection API.

[!INCLUDE national-cloud-support]

Permissions

Choose the permission or permissions marked as least privileged for this API. Use a higher privileged permission or permissions only if your app requires it. For details about delegated and application permissions, see Permission types. To learn more about these permissions, see the permissions reference.

[!INCLUDE permissions-table]

[!INCLUDE rbac-identity-protection-apis-read]

HTTP request

GET /identityProtection/servicePrincipalRiskDetections/{servicePrincipalRiskDetectionId}

Request headers

Name Description
Authorization Bearer {token}. Required. Learn more about authentication and authorization.
Content-Type application/json

Request body

Don't supply a request body for this method.

Response

If successful, this method returns a 200 OK response code and a servicePrincipalRiskDetection object in the response body.

Example: Get a specific risk detection object

Request

HTTP

GET https://graph.microsoft.com/beta/identityProtection/servicePrincipalRiskDetections/{servicePrincipalRiskDetectionId}

C#

[!INCLUDE sample-code] [!INCLUDE sdk-documentation]

Go

[!INCLUDE sample-code] [!INCLUDE sdk-documentation]

Java

[!INCLUDE sample-code] [!INCLUDE sdk-documentation]

JavaScript

[!INCLUDE sample-code] [!INCLUDE sdk-documentation]

PHP

[!INCLUDE sample-code] [!INCLUDE sdk-documentation]

PowerShell

[!INCLUDE sample-code] [!INCLUDE sdk-documentation]

Python

[!INCLUDE sample-code] [!INCLUDE sdk-documentation]

Response

Note: The response object shown here might be shortened for readability.

HTTP/1.1 200 OK
Content-Type: application/json

{
  "value": {
    "@odata.type": "#microsoft.graph.servicePrincipalRiskDetection",
    "id": "2856d6e87c5c3a74021ff70291fa68107570c150d8dc145bdea5",
    "requestId": null,
    "correlationId": null,
    "riskEventType": "investigationsThreatIntelligence",
    "riskState": "atRisk",
    "riskLevel": "high",
    "riskDetail": "none",
    "source": "IdentityProtection",
    "detectionTimingType": "offline",
    "activity": "servicePrincipal",
    "tokenIssuerType": "AzureAD",
    "ipAddress": null,
    "location": null,
    "activityDateTime": "2021-10-26T00:00:00Z",
    "detectedDateTime": "2021-10-26T00:00:00Z",
    "lastUpdatedDateTime": "2021-10-26T16:28:17.8202975Z)",
    "servicePrincipalId": "99b8d28b-11ae-4e84-9bef-0e767e286grg",
    "servicePrincipalDisplayName": "Contoso App",
    "appId": "0grb38ac-a572-491d-a9db-b07197643457",
    "keyIds": [
      "9d9fea30-d8e3-481b-b57c-0ef569a989e5"
    ],
    "additionalInfo": "[{\"Key\":\"alertUrl\",\"Value\":null}]"
  }
}