Microsoft Cloud Apps

the microsoft defender for cloud apps provides programmatic access to defender for cloud apps through rest api endpoints prerequisites the connector requires access token to access defender for cloud apps api with application context for more details, see https //learn microsoft com/en us/defender cloud apps/api authentication capabilities this connector provides the following capabilities close benign close false positive close true positive create ip address range fetch alert fetch entity fetch entity tree fetch file generate block script initiate file upload list alerts list continuous report category list continuous reports list entities list files and so on close benign for input reasonid , https //learn microsoft com/en us/defender cloud apps/api alerts close benign close false positive for input reasonid , https //learn microsoft com/en us/defender cloud apps/api alerts close false positive create ip address range for input category , https //learn microsoft com/en us/defender cloud apps/api data enrichment create fetch entity the input entity id is a dictionary with the entity id, saas, and instance details encoded as a base64 string for example {"id" "3fa9f28b eb0e 463a ba7b 8089fe9991e2","saas" 11161 ,"inst" 0 } encoded as a base64 string generate block script for input format , following formats are currently supported appliance format bluecoat proxysg 102 cisco asa 104 fortinet fortigate 108 juniper srx 129 palo alto 112 websense 135 zscaler 120 initiate file upload for input source , https //learn microsoft com/en us/defender cloud apps/api discovery initiate list alerts for input filters see https //learn microsoft com/en us/defender cloud apps/api alerts#filters for more details list entities for input sortfield , choose from following values displayname score for input filters see https //learn microsoft com/en us/defender cloud apps/api entities#filters for more details list files for input filters see https //learn microsoft com/en us/defender cloud apps/api files#filters for more details list ip ranges for input filters see https //learn microsoft com/en us/defender cloud apps/api data enrichment#filters for more details the input sortfield is used to sort ip ranges possible values are category tags name manage ip address range for input filters see https //learn microsoft com/en us/defender cloud apps/api data enrichment#filters for more details update ip address range the input category , is the id of the range category providing a category helps you easily recognize activities from interesting ip addresses possible values include 1 corporate 2 administrative 3 risky 4 vpn 5 cloud provider 6 other notes https //learn microsoft com/en us/defender cloud apps/api introduction configurations api key authentication authenticates using an api key configuration parameters parameter description type required url a url to the target host string required access token access token string required verify ssl verify ssl certificate boolean optional http proxy a proxy to route requests through string optional actions close benign close multiple alerts matching the specified filters as benign endpoint url /api/v1/alerts/close benign/ method post input argument name type required description filters object optional parameter for close benign comment string optional parameter for close benign reasonid number optional unique identifier sendfeedback boolean optional parameter for close benign feedbacktext string optional parameter for close benign allowcontact boolean optional parameter for close benign contactemail string optional parameter for close benign input example {"json body" {"filters" {},"comment" "irrelevant","reasonid" 5,"sendfeedback"\ true,"feedbacktext" "feedback text","allowcontact"\ true,"contactemail" ""}} output parameter type description status code number http status code of the response reason string response reason phrase closed benign number output field closed benign output example {"status code" 200,"response headers" {"server" "nginx","date" "wed, 09 aug 2023 07 34 52 gmt","content type" "application/json","content length" "20","connection" "keep alive","vary" "accept, origin, cookie","allow" "post, options","content security policy" "default src 'self'; style src 'self' 'unsafe inline' s microsoft com cdn cloud ","strict transport security" "max age=31536000","x content type options" "nosniff","cache control" "no cache, no store","request id" "cadb6340 0767 4a0b b6e close false positive this is a request to close multiple alerts matching the specified filters as false positive endpoint url /api/v1/alerts/close false positive/ method post input argument name type required description filters object optional parameter for close false positive comment string optional parameter for close false positive reasonid number optional unique identifier sendfeedback boolean optional parameter for close false positive feedbacktext string optional parameter for close false positive allowcontact boolean optional parameter for close false positive contactemail string optional parameter for close false positive input example {"json body" {"filters" {},"comment" "irrelevant","reasonid" 0,"sendfeedback"\ true,"feedbacktext" "feedback text","allowcontact"\ true,"contactemail" ""}} output parameter type description status code number http status code of the response reason string response reason phrase closed false positive number output field closed false positive output example {"status code" 200,"response headers" {"server" "nginx","date" "wed, 09 aug 2023 07 46 02 gmt","content type" "application/json","content length" "28","connection" "keep alive","vary" "accept, origin, cookie","allow" "post, options","content security policy" "default src 'self'; script src 'self' 'unsafe eval' 'unsafe inline' dev virtuale ","strict transport security" "max age=31536000","x content type options" "nosniff","cache control" "no cache, no store","request id" "0d9ae7f9 6ae5 4aa3 88f close true positive close multiple alerts matching the specified filters as true positive endpoint url /api/v1/alerts/close true positive/ method post input argument name type required description filters object optional parameter for close true positive comment string optional parameter for close true positive sendfeedback boolean optional parameter for close true positive feedbacktext string optional parameter for close true positive allowcontact boolean optional parameter for close true positive contactemail string optional parameter for close true positive input example {"json body" {"filters" {},"comment" "irrelevant","sendfeedback"\ true,"feedbacktext" "feedback text","allowcontact"\ true,"contactemail" ""}} output parameter type description status code number http status code of the response reason string response reason phrase closed true positive number output field closed true positive output example {"status code" 200,"response headers" {"server" "nginx","date" "wed, 09 aug 2023 07 46 58 gmt","content type" "application/json","content length" "27","connection" "keep alive","vary" "accept, origin, cookie","allow" "post, options","content security policy" "default src 'self'; style src 'self' 'unsafe inline' s microsoft com cdn cloud ","strict transport security" "max age=31536000","x content type options" "nosniff","cache control" "no cache, no store","request id" "03c75f53 d5b8 4d3e bb8 create ip address range run the post request to add a new ip address range endpoint url /api/v1/subnet/create rule/ method post input argument name type required description name string optional name of the resource category number optional parameter for create ip address range organization string optional parameter for create ip address range subnets array optional parameter for create ip address range tags array optional parameter for create ip address range input example {"json body" {"name" "range name","category" 5,"organization" "microsoft","subnets" \["192 168 1 0/24","192 168 2 0/16"],"tags" \["existing tag"]}} output parameter type description status code number http status code of the response reason string response reason phrase output example {"status code" 200,"response headers" {"server" "nginx","date" "tue, 08 aug 2023 13 00 23 gmt","content type" "application/json","content length" "26","connection" "keep alive","vary" "accept, origin, cookie","allow" "post, options","content security policy" "script src 'self' 'unsafe eval' 'unsafe inline' dev virtualearth net cdn cloudap ","strict transport security" "max age=31536000","x content type options" "nosniff","cache control" "no cache, no store","request id" "0d231409 732d 4d3e 8c0 delete ip address range run the delete request to delete an ip address range endpoint url /api/v1/subnet/{{ip range id}}/ method delete input argument name type required description path parameters ip range id string required parameters for the delete ip address range action input example {"path parameters" {"ip range id" "64d23c67d0b71bb8e300b276"}} output parameter type description status code number http status code of the response reason string response reason phrase response text string output field response text output example {"status code" 200,"response headers" {"server" "nginx","date" "tue, 08 aug 2023 13 17 28 gmt","content length" "0","connection" "keep alive","vary" "accept, origin, cookie","allow" "get, post, put, patch, delete, head, options","content security policy" "default src 'self'; style src 'self' 'unsafe inline' s microsoft com cdn cloud ","strict transport security" "max age=31536000","x content type options" "nosniff","cache control" "no cache, no store","request id" "d980baba a243 43f0 a1ed d8 fetch alert run the get request to fetch the alert matching the specified primary key endpoint url /api/v1/alerts/{{alert id}}/ method get input argument name type required description path parameters alert id string required parameters for the fetch alert action input example {"path parameters" {"alert id" "603f704aaf7417985bbf3b22"}} output parameter type description status code number http status code of the response reason string response reason phrase id string unique identifier contextid string unique identifier description string output field description entities array output field entities entities entityrole string output field entities entityrole entities entitytype number type of the resource entities id string unique identifier entities inst number output field entities inst entities label string output field entities label entities pa string output field entities pa entities saas number output field entities saas entities type string type of the resource entities policytype string type of the resource idvalue number unique identifier issystemalert boolean output field issystemalert resolutionstatusvalue number status value severityvalue number value for the parameter statusvalue number status value stories array output field stories threatscore number score value timestamp number output field timestamp title string output field title comment string output field comment output example {"status code" 200,"response headers" {"server" "nginx","date" "wed, 09 aug 2023 07 25 08 gmt","content type" "application/json","content length" "30","connection" "keep alive","vary" "accept, origin, cookie","allow" "get, post, put, patch, delete, head, options","content security policy" "default src 'self'; style src 'self' 'unsafe inline' s microsoft com cdn cloud ","strict transport security" "max age=31536000","x content type options" "nosniff","cache control" "no cache, no store","requ fetch entity run the get request to fetch the entity matching the specified primary key endpoint url /api/v1/entities/{{entity id}}/ method get input argument name type required description path parameters entity id string required parameters for the fetch entity action input example {"path parameters" {"entity id" "eyjpzci6ijy3ogy4mgu1lwu1mdytngyxmc04otvklwjmnjy0njk5ndc1zcisinnhyxmiojexmtyxlcjpbnn0ijowfq=="}} output parameter type description status code number http status code of the response reason string response reason phrase type number type of the resource status number status value displayname string name of the resource id string unique identifier id string unique identifier usergroups array output field usergroups usergroups id string unique identifier usergroups id string unique identifier usergroups name string name of the resource usergroups description string output field usergroups description usergroups userscount number count value identifiers array unique identifier identifiers type number unique identifier identifiers status number unique identifier identifiers displayname string unique identifier sid object unique identifier appdata object response data appdata appid number response data appdata name string response data appdata saas number response data appdata instance number response data isadmin boolean output field isadmin isexternal boolean output field isexternal output example {"status code" 200,"response headers" {"server" "nginx","date" "tue, 08 aug 2023 13 36 40 gmt","content type" "application/json","transfer encoding" "chunked","connection" "keep alive","vary" "accept, origin, cookie","allow" "get, post, put, patch, delete, head, options","content security policy" "default src 'self'; script src 'self' 'unsafe eval' 'unsafe inline' dev virtuale ","strict transport security" "max age=31536000","x content type options" "nosniff","cache control" "no cache, no stor fetch entity tree run the get request to fetch all entities related to the entity matching the specified primary key endpoint url /api/v1/entities/{{entity id}}/retrieve tree/ method get input argument name type required description path parameters entity id string required a dictionary with the entity id, saas, and inst details encoded as a base64 string input example {"path parameters" {"entity id" "eyjpzci6ijy3ogy4mgu1lwu1mdytngyxmc04otvklwjmnjy0njk5ndc1zcisinnhyxmiojexmtyxlcjpbnn0ijowfq=="}} output parameter type description status code number http status code of the response reason string response reason phrase data array response data data type number response data data status number response data data displayname string response data data id string response data data id string response data data usergroups array response data data usergroups file name string response data data usergroups file string response data data identifiers array response data data identifiers type number response data data identifiers status number response data data identifiers displayname string response data data sid object response data data appdata object response data data appdata appid number response data data appdata name string response data data appdata saas number response data data appdata instance number response data data isadmin boolean response data data isexternal boolean response data data email string response data data role string response data output example {"status code" 200,"response headers" {"server" "nginx","date" "wed, 09 aug 2023 06 35 49 gmt","content type" "application/json","transfer encoding" "chunked","connection" "keep alive","vary" "accept, origin, cookie","allow" "get, head, options","content security policy" "font src 'self' s microsoft com c s microsoft com flow\ microsoft com data cdn ","strict transport security" "max age=31536000","x content type options" "nosniff","cache control" "no cache, no store","request id" "d283a942 fetch file run the get request to fetch the file matching the specified primary key endpoint url /api/v1/files/{{file id}}/ method get input argument name type required description path parameters file id string required parameters for the fetch file action input example {"path parameters" {"file id" "603f704aaf7417985bbf3b22"}} output parameter type description status code number http status code of the response reason string response reason phrase output example {"status code" 200,"response headers" {"server" "nginx","date" "wed, 09 aug 2023 07 27 20 gmt","content type" "application/json","content length" "30","connection" "keep alive","vary" "accept, origin, cookie","allow" "get, post, put, patch, delete, head, options","content security policy" "frame src 'self' us2 portal cloudappsecurity com; img src 'self' 'self' data ","strict transport security" "max age=31536000","x content type options" "nosniff","cache control" "no cache, no store","requ generate block script run the get request to get a block script for your network appliance endpoint url /api/discovery block scripts/ method get input argument name type required description parameters format number optional parameters for the generate block script action input example {"parameters" {"format" 102}} output parameter type description status code number http status code of the response reason string response reason phrase data array response data data id string response data data appid number response data data domainlist array response data data name string response data data security object response data data security mfa object response data data security adminaudittrail object response data data security anonymous usage object response data data security cert object response data data security cert badcommonname object response data data security cert hostnamemismatch object response data data security cert insecuresignature object response data data security cert isblacklisted object response data data security cert isrevoked object response data data security cert nochainoftrust object response data data security cert notafter object response data data security cert notbefore object response data data security cert selfsigned object response data data security certistrusted boolean response data data security dataaudittrail object response data data security dataclassification object response data data security dataencrypted object response data output example {"status code" 200,"response headers" {"server" "nginx","date" "tue, 08 aug 2023 10 08 34 gmt","content type" "application/json","transfer encoding" "chunked","connection" "keep alive","vary" "accept, origin, cookie","allow" "get, post, head, options","content security policy" "font src 'self' s microsoft com c s microsoft com flow\ microsoft com data cdn ","strict transport security" "max age=31536000","x content type options" "nosniff","cache control" "no cache, no store","request id" "322 initiate file upload run the get request to initiate the upload process endpoint url /api/v1/discovery/upload url/ method get input argument name type required description parameters filename string required parameters for the initiate file upload action parameters source string optional parameters for the initiate file upload action input example {"parameters" {"filename" "my discovery file txt","source" "generic cef"}} output parameter type description status code number http status code of the response reason string response reason phrase url string url endpoint for the request provider string unique identifier output example {"status code" 200,"response headers" {"server" "nginx","date" "mon, 07 aug 2023 09 26 53 gmt","content type" "application/json","content length" "258","connection" "keep alive","allow" "get, options","vary" "origin, cookie","content security policy" "font src 'self' s microsoft com c s microsoft com flow\ microsoft com data cdn ","strict transport security" "max age=31536000","x content type options" "nosniff","cache control" "no cache, no store","request id" "70a94534 d0d1 4dc6 a83b 6448d7 list alerts fetch a list of alerts matching the specified filters endpoint url /api/v1/alerts/ method post input argument name type required description filters object optional parameter for list alerts sortdirection string optional parameter for list alerts sortfield string optional parameter for list alerts skip number optional parameter for list alerts limit number optional parameter for list alerts input example {"json body" {"filters" {},"sortdirection" "asc","sortfield" "severity","skip" 5,"limit" 10}} output parameter type description status code number http status code of the response reason string response reason phrase data array response data data id string response data data contextid string response data data description string response data data entities array response data data entities id string response data data entities label string response data data entities policytype string response data data entities type string response data data entities em string response data data entities entitytype number response data data entities inst number response data data entities pa string response data data entities saas number response data data evidence array response data data evidence title object response data data evidence title template string response data data evidence title parameters mitre object parameters for the list alerts action data evidence title parameters tactic string parameters for the list alerts action data idvalue number response data data intent array response data data issystemalert boolean response data data resolutionstatusvalue number response data output example {"status code" 200,"response headers" {"server" "nginx","date" "wed, 09 aug 2023 07 32 02 gmt","content type" "application/json","transfer encoding" "chunked","connection" "keep alive","vary" "accept, origin, cookie","allow" "get, post, head, options","content security policy" "default src 'self'; script src 'self' 'unsafe eval' 'unsafe inline' dev virtuale ","strict transport security" "max age=31536000","x content type options" "nosniff","cache control" "no cache, no store","request id" "5bf list continuous report categories run the post request to fetch a list of categories associated with a continuous report endpoint url /api/v1/discovery/discovered apps/categories/ method post input argument name type required description filters object optional parameter for list continuous report categories filters id object optional unique identifier filters id eq array optional unique identifier filters sortdirection string optional parameter for list continuous report categories filters sortfield string optional parameter for list continuous report categories filters skip number optional parameter for list continuous report categories filters limit number optional parameter for list continuous report categories filters streamid string optional unique identifier filters timeframe string optional parameter for list continuous report categories input example {"json body" {"filters" {"id" {"eq" \["64499022ab22621e53dd7865"]},"sortdirection" "asc","sortfield" "score","skip" 5,"limit" 10,"streamid" "64499022ab22621e53dd7865","timeframe" "7"}}} output parameter type description status code number http status code of the response reason string response reason phrase data array response data data id string response data data total number response data output example {"status code" 200,"response headers" {"server" "nginx","date" "mon, 07 aug 2023 11 29 56 gmt","content type" "application/json","content length" "665","connection" "keep alive","vary" "accept, origin, cookie","allow" "post, options","content security policy" "frame src 'self' us2 portal cloudappsecurity com; img src 'self' 'self' data ","strict transport security" "max age=31536000","x content type options" "nosniff","cache control" "no cache, no store","request id" "8242cc19 b920 4890 88 list continuous reports run the get request to fetch a list of continuous reports endpoint url api/discovery/streams/ method get input argument name type required description data body object optional data body headers object optional request headers input example {"path parameters" {},"parameters" {},"data body" {},"headers" {}} output parameter type description status code number http status code of the response reason string response reason phrase streams array output field streams streams id string unique identifier streams logtype number type of the resource streams builtinstreamtype number type of the resource streams displayname string name of the resource streams streamtype number type of the resource streams snapshotdata boolean response data streams created string output field streams created streams ismanual boolean output field streams ismanual streams canupdatemasterstream boolean output field streams canupdatemasterstream streams supportedtraffictypes array type of the resource streams supportedtraffictypes file name string name of the resource streams supportedtraffictypes file string type of the resource streams supportedentitytypes array type of the resource streams supportedentitytypes file name string name of the resource streams supportedentitytypes file string type of the resource streams lastmodified string output field streams lastmodified streams receivertype string type of the resource streams tid number unique identifier streams lastdatareceived string response data streams logfileshistorycount number count value streams currentservicescollectionname string name of the resource streams globalaggregated boolean output field streams globalaggregated output example {"status code" 200,"response headers" {"server" "nginx","date" "mon, 07 aug 2023 11 17 03 gmt","content type" "application/json","transfer encoding" "chunked","connection" "keep alive","allow" "options, get","vary" "origin, cookie","content security policy" "default src 'self'; style src 'self' 'unsafe inline' s microsoft com cdn cloud ","strict transport security" "max age=31536000","x content type options" "nosniff","cache control" "no cache, no store","request id" "ab1cd0dd f15d 4cec b4c8 list entities run the post request to fetch a list of entities matching the specified filters endpoint url /api/v1/entities/ method post input argument name type required description filters object optional parameter for list entities sortdirection string optional parameter for list entities sortfield string optional parameter for list entities skip number optional parameter for list entities limit number optional parameter for list entities input example {"json body" {"filters" {},"sortdirection" "asc","sortfield" "displayname","skip" 5,"limit" 10}} output parameter type description status code number http status code of the response reason string response reason phrase data array response data data type number response data data status number response data data displayname string response data data id string response data data id string response data data usergroups array response data data usergroups id string response data data usergroups id string response data data usergroups name string response data data usergroups description string response data data usergroups userscount number response data data identifiers array response data data identifiers file name string response data data identifiers file string response data data sid object response data data appdata object response data data appdata appid number response data data appdata name string response data data appdata saas number response data data appdata instance number response data data isadmin boolean response data data isexternal boolean response data output example {"status code" 200,"response headers" {"server" "nginx","date" "tue, 08 aug 2023 13 28 05 gmt","content type" "application/json","transfer encoding" "chunked","connection" "keep alive","vary" "accept, origin, cookie","allow" "get, post, head, options","content security policy" "default src 'self'; script src 'self' 'unsafe eval' 'unsafe inline' dev virtuale ","strict transport security" "max age=31536000","x content type options" "nosniff","cache control" "no cache, no store","request id" "42f list files post request to fetch a list of files matching the specified filters endpoint url /api/v1/files/ method post input argument name type required description filters object optional parameter for list files skip number optional parameter for list files limit number optional parameter for list files input example {"json body" {"filters" {},"skip" 5,"limit" 10}} output parameter type description status code number http status code of the response reason string response reason phrase data array response data data file name string response data data file string response data hasnext boolean output field hasnext max number output field max total number output field total morethantotal boolean output field morethantotal output example {"status code" 200,"response headers" {"server" "nginx","date" "wed, 09 aug 2023 07 04 30 gmt","content type" "application/json","content length" "69","connection" "keep alive","vary" "accept, origin, cookie","allow" "get, post, head, options","content security policy" "font src 'self' s microsoft com c s microsoft com flow\ microsoft com data cdn ","strict transport security" "max age=31536000","x content type options" "nosniff","cache control" "no cache, no store","request id" "344f5d14 b0 list ip ranges request to fetch a list of ip ranges matching the specified filters endpoint url /api/v1/subnet/ method post input argument name type required description filters object optional parameter for list ip ranges sortdirection string optional parameter for list ip ranges sortfield string optional parameter for list ip ranges skip number optional parameter for list ip ranges limit number optional parameter for list ip ranges input example {"json body" {"filters" {},"sortdirection" "asc","sortfield" "category","skip" 5,"limit" 10}} output parameter type description status code number http status code of the response reason string response reason phrase data array response data data id string response data data name string response data data subnets array response data data subnets mask number response data data subnets address string response data data subnets originalstring string response data data location object response data data location name string response data data location latitude number response data data location longitude number response data data location countrycode string response data data location countryname string response data data organization string response data data tags array response data data tags id string response data data tags id string response data data tags target number response data data tags type number response data data tags name string response data data tags nametemplate object response data data tags nametemplate template string response data data tags description string response data output example {"status code" 200,"response headers" {"server" "nginx","date" "tue, 08 aug 2023 10 50 54 gmt","content type" "application/json","content length" "37","connection" "keep alive","vary" "accept, origin, cookie","allow" "get, post, head, options","content security policy" "default src 'self'; script src 'self' 'unsafe eval' 'unsafe inline' dev virtuale ","strict transport security" "max age=31536000","x content type options" "nosniff","cache control" "no cache, no store","request id" "0ddaf22f 90 manage ip address range you can use the data enrichment apis to manage ip address ranges endpoint url /api/v1/subnet/ method post input argument name type required description filters object optional parameter for manage ip address range limit number optional parameter for manage ip address range input example {"json body" {"filters" {},"limit" 5}} output parameter type description status code number http status code of the response reason string response reason phrase data array response data data id string response data data name string response data data subnets array response data data subnets mask number response data data subnets address string response data data subnets originalstring string response data data location object response data data organization object response data data tags array response data data tags file name string response data data tags file string response data data category number response data data lastmodified number response data data tid number response data hasnext boolean output field hasnext total number output field total output example {"status code" 200,"response headers" {"server" "nginx","date" "wed, 09 aug 2023 10 25 55 gmt","content type" "application/json","content length" "411","connection" "keep alive","vary" "accept, origin, cookie","allow" "get, post, head, options","content security policy" "default src 'self'; style src 'self' 'unsafe inline' s microsoft com cdn cloud ","strict transport security" "max age=31536000","x content type options" "nosniff","cache control" "no cache, no store","request id" "3c6cafdf 1 mark alert as read run the post request to mark the alert matching the specified primary key as read endpoint url /api/v1/alerts/{{alert id}}/read/ method post input argument name type required description path parameter object required parameter for the mark alert as read action path parameter alert id string required parameter for the mark alert as read action input example {"path parameter" {"alert id" "603f704aaf7417985bbf3b22"}} output parameter type description status code number http status code of the response reason string response reason phrase output example {"status code" 400,"response headers" {"server" "nginx","date" "mon, 07 aug 2023 09 12 15 gmt","content type" "application/json","content length" "140","connection" "keep alive","vary" "accept, origin, cookie","allow" "get, post, put, patch, delete, head, options","content security policy" "frame src 'self' us2 portal cloudappsecurity com; img src 'self' 'self' data ","strict transport security" "max age=31536000","x content type options" "nosniff","cache control" "no cache, no store","req mark alert as unread run the post request to mark the alert matching the specified primary key as unread endpoint url /api/v1/alerts/{{alert id}}/unread/ method post input argument name type required description path parameter object required parameter for the mark alert as unread action path parameter alert id string required parameter for the mark alert as unread action input example {"path parameter" {"alert id" "649cc0f3967076e7d60db283"}} output parameter type description status code number http status code of the response reason string response reason phrase output example {"status code" 400,"response headers" {"server" "nginx","date" "mon, 07 aug 2023 09 18 39 gmt","content type" "application/json","content length" "144","connection" "keep alive","vary" "accept, origin, cookie","allow" "get, post, put, patch, delete, head, options","content security policy" "default src 'self'; style src 'self' 'unsafe inline' s microsoft com cdn cloud ","strict transport security" "max age=31536000","x content type options" "nosniff","cache control" "no cache, no store","req update ip address range run the post request to update an existing ip address range endpoint url /api/v1/subnet/{{ip range id}}/update rule/ method post input argument name type required description path parameters ip range id string required parameters for the update ip address range action name string optional name of the resource category number optional parameter for update ip address range organization string optional parameter for update ip address range subnets array optional parameter for update ip address range tags array optional parameter for update ip address range input example {"json body" {"name" "range name update","category" 5,"organization" "microsoft","subnets" \["192 168 1 0/24","192 168 2 0/16"],"tags" \["existing tag"]},"path parameters" {"ip range id" "64d23c67d0b71bb8e300b276"}} output parameter type description status code number http status code of the response reason string response reason phrase name string name of the resource subnets array output field subnets subnets mask number output field subnets mask subnets address string output field subnets address subnets originalstring string output field subnets originalstring location object output field location organization string output field organization tags array output field tags category number output field category lastmodified number output field lastmodified output example {"status code" 200,"response headers" {"server" "nginx","date" "tue, 08 aug 2023 13 09 35 gmt","content type" "application/json","content length" "364","connection" "keep alive","vary" "accept, origin, cookie","allow" "post, options","content security policy" "script src 'self' 'unsafe eval' 'unsafe inline' dev virtualearth net cdn cloudap ","strict transport security" "max age=31536000","x content type options" "nosniff","cache control" "no cache, no store","request id" "7275323d 8fb4 4bc7 9a response headers header description example allow http response header allow get, post, head, options cache control directives for caching mechanisms no cache, no store connection http response header connection keep alive content encoding http response header content encoding gzip content length the length of the response body in bytes 364 content security policy http response header content security policy default src 'self'; script src 'self' 'unsafe eval' 'unsafe inline' dev virtualearth net cdn cloudappsecurity com cloudappsecurity rs azureedge net prodportalmfcdndfl azureedge net us2 portal cloudappsecurity com; font src 'self' s microsoft com c s microsoft com flow\ microsoft com data cdn cloudappsecurity com cloudappsecurity rs azureedge net static2 sharepointonline com portal cloudappsecurity com portal cloudappsecurity com; img src 'self' 'self' data blob adaproddiscovery azureedge net cdn cloudappsecurity com cloudappsecurity rs azureedge net prod03use2console1 blob core windows net us2 portal cloudappsecurity com; style src 'self' 'unsafe inline' s microsoft com cdn cloudappsecurity com cloudappsecurity rs azureedge net prodportalmfcdndfl azureedge net; frame src 'self' us2 portal cloudappsecurity com; connect src 'self' dc services visualstudio com dev virtualearth net cdn cloudappsecurity com cloudappsecurity rs azureedge net rs2euwportalreportsxgbr blob core windows net prod3use2portalreporxaly blob core windows net prod03use2console1 blob core windows net content type the media type of the resource application/json date the date and time at which the message was originated wed, 09 aug 2023 06 35 49 gmt request id http response header request id badc6ba6 dbd5 4f3d 9804 f6d6bde2b8c6 server information about the software used by the origin server nginx set cookie http response header set cookie cas sessionid=wqkl9bqex7i1lqycigbbuxi6o5by5cpd; domain= us2 portal cloudappsecurity com; expires=wed, 09 aug 2023 08 04 30 gmt; httponly; max age=3600; path=/; secure strict transport security http response header strict transport security max age=31536000 transfer encoding http response header transfer encoding chunked vary http response header vary origin, cookie x content type options http response header x content type options nosniff x xss protection http response header x xss protection 1; mode=block