Microsoft Cloud Apps

microsoft cloud apps is a cloud based service that helps organizations manage and secure their applications across various platforms microsoft cloud apps is a comprehensive cloud security solution that helps organizations protect their data and applications across multiple cloud services this connector enables seamless integration with swimlane turbine, allowing users to automate security management tasks such as alert handling, ip address range management, and entity retrieval by leveraging this integration, swimlane turbine end users can enhance their security operations with efficient automation, reducing manual effort and improving response times to potential threats prerequisites before you can use the microsoft cloud apps connector for turbine, you'll need access to the microsoft cloud apps api this requires the following oauth 2 0 client credentials authentication using the following parameters url the endpoint for accessing microsoft cloud apps services client id the unique identifier for your application client secret the secret key associated with your client id token url the url used to obtain the access token scope the permissions required for accessing specific resources api key authentication using the following parameters url the endpoint for accessing microsoft cloud apps services access token the token used to authenticate api requests capabilities this connector provides the following capabilities close benign close false positive close true positive create ip address range fetch alert fetch entity fetch entity tree fetch file generate block script initiate file upload list alerts list continuous report category list continuous reports list entities list files and so on close benign for input reasonid , click here to check possible values https //learn microsoft com/en us/defender cloud apps/api alerts close benign close false positive for input reasonid , click here to check possible values https //learn microsoft com/en us/defender cloud apps/api alerts close false positive create ip address range for input category , click here to check possible values https //learn microsoft com/en us/defender cloud apps/api data enrichment create fetch entity the input entity id is a dictionary with the entity id, saas, and instance details encoded as a base64 string for example {"id" "3fa9f28b eb0e 463a ba7b 8089fe9991e2","saas" 11161 ,"inst" 0 } encoded as a base64 string generate block script for input format , following formats are currently supported appliance format bluecoat proxysg 102 cisco asa 104 fortinet fortigate 108 juniper srx 129 palo alto 112 websense 135 zscaler 120 initiate file upload for input source , click here to check supported source type https //learn microsoft com/en us/defender cloud apps/api discovery initiate list alerts for input filters see alert filters https //learn microsoft com/en us/defender cloud apps/api alerts#filters for more details list entities for input sortfield , choose from following values displayname score for input filters see entities filer https //learn microsoft com/en us/defender cloud apps/api entities#filters for more details list files for input filters see file filters https //learn microsoft com/en us/defender cloud apps/api files#filters for more details list ip ranges for input filters see ip range filters https //learn microsoft com/en us/defender cloud apps/api data enrichment#filters for more details the input sortfield is used to sort ip ranges possible values are category tags name manage ip address range for input filters see data enrichment filters https //learn microsoft com/en us/defender cloud apps/api data enrichment#filters for more details update ip address range the input category , is the id of the range category providing a category helps you easily recognize activities from interesting ip addresses possible values include 1 corporate 2 administrative 3 risky 4 vpn 5 cloud provider 6 other notes api doc https //learn microsoft com/en us/defender cloud apps/api introduction configurations api key authentication authenticates using an api key configuration parameters parameter description type required url a url to the target host string required access token access token string required verify ssl verify ssl certificate boolean optional http proxy a proxy to route requests through string optional oauth 2 0 client credentials authenticates using oauth 2 0 client credentials configuration parameters parameter description type required url a url to the target host string required token url must start with https //login microsoftonline com/ https //login microsoftonline com/ and then continue with the tenant id, and then be prepended with /oauth2/v2 0/token string required client id the client id string required client secret the client secret string required scope list of permission scopes for this action array required verify ssl verify ssl certificate boolean optional http proxy a proxy to route requests through string optional actions close benign close multiple alerts in microsoft cloud apps as benign based on specified filters endpoint url /api/v1/alerts/close benign/ method post input argument name type required description filters object optional parameter for close benign comment string optional parameter for close benign reasonid number optional unique identifier sendfeedback boolean optional parameter for close benign feedbacktext string optional parameter for close benign allowcontact boolean optional parameter for close benign contactemail string optional parameter for close benign input example {"json body" {"filters" {},"comment" "irrelevant","reasonid" 5,"sendfeedback"\ true,"feedbacktext" "feedback text","allowcontact"\ true,"contactemail" ""}} output parameter type description status code number http status code of the response reason string response reason phrase closed benign number output field closed benign output example {"status code" 200,"response headers" {"server" "nginx","date" "wed, 09 aug 2023 07 34 52 gmt","content type" "application/json","content length" "20","connection" "keep alive","vary" "accept, origin, cookie","allow" "post, options","content security policy" "default src 'self'; style src 'self' 'unsafe inline' s microsoft com cdn cloud ","strict transport security" "max age=31536000","x content type options" "nosniff","cache control" "no cache, no store","request id" "cadb6340 0767 4a0b b6e close false positive close multiple alerts in microsoft cloud apps as false positives based on specified filters endpoint url /api/v1/alerts/close false positive/ method post input argument name type required description filters object optional parameter for close false positive comment string optional parameter for close false positive reasonid number optional unique identifier sendfeedback boolean optional parameter for close false positive feedbacktext string optional parameter for close false positive allowcontact boolean optional parameter for close false positive contactemail string optional parameter for close false positive input example {"json body" {"filters" {},"comment" "irrelevant","reasonid" 0,"sendfeedback"\ true,"feedbacktext" "feedback text","allowcontact"\ true,"contactemail" ""}} output parameter type description status code number http status code of the response reason string response reason phrase closed false positive number output field closed false positive output example {"status code" 200,"response headers" {"server" "nginx","date" "wed, 09 aug 2023 07 46 02 gmt","content type" "application/json","content length" "28","connection" "keep alive","vary" "accept, origin, cookie","allow" "post, options","content security policy" "default src 'self'; script src 'self' 'unsafe eval' 'unsafe inline' dev virtuale ","strict transport security" "max age=31536000","x content type options" "nosniff","cache control" "no cache, no store","request id" "0d9ae7f9 6ae5 4aa3 88f close true positive close multiple alerts in microsoft cloud apps as true positives based on specified filters endpoint url /api/v1/alerts/close true positive/ method post input argument name type required description filters object optional parameter for close true positive comment string optional parameter for close true positive sendfeedback boolean optional parameter for close true positive feedbacktext string optional parameter for close true positive allowcontact boolean optional parameter for close true positive contactemail string optional parameter for close true positive input example {"json body" {"filters" {},"comment" "irrelevant","sendfeedback"\ true,"feedbacktext" "feedback text","allowcontact"\ true,"contactemail" ""}} output parameter type description status code number http status code of the response reason string response reason phrase closed true positive number output field closed true positive output example {"status code" 200,"response headers" {"server" "nginx","date" "wed, 09 aug 2023 07 46 58 gmt","content type" "application/json","content length" "27","connection" "keep alive","vary" "accept, origin, cookie","allow" "post, options","content security policy" "default src 'self'; style src 'self' 'unsafe inline' s microsoft com cdn cloud ","strict transport security" "max age=31536000","x content type options" "nosniff","cache control" "no cache, no store","request id" "03c75f53 d5b8 4d3e bb8 create ip address range run a post request to add a new ip address range in microsoft cloud apps using the specified name and subnets endpoint url /api/v1/subnet/create rule/ method post input argument name type required description name string optional name of the resource category number optional parameter for create ip address range organization string optional parameter for create ip address range subnets array optional parameter for create ip address range tags array optional parameter for create ip address range input example {"json body" {"name" "range name","category" 5,"organization" "microsoft","subnets" \["192 168 1 0/24","192 168 2 0/16"],"tags" \["existing tag"]}} output parameter type description status code number http status code of the response reason string response reason phrase output example {"status code" 200,"response headers" {"server" "nginx","date" "tue, 08 aug 2023 13 00 23 gmt","content type" "application/json","content length" "26","connection" "keep alive","vary" "accept, origin, cookie","allow" "post, options","content security policy" "script src 'self' 'unsafe eval' 'unsafe inline' dev virtualearth net cdn cloudap ","strict transport security" "max age=31536000","x content type options" "nosniff","cache control" "no cache, no store","request id" "0d231409 732d 4d3e 8c0 delete ip address range run a delete request to remove an ip address range in microsoft cloud apps using the ip range id path parameter endpoint url /api/v1/subnet/{{ip range id}}/ method delete input argument name type required description path parameters ip range id string required parameters for the delete ip address range action input example {"path parameters" {"ip range id" "64d23c67d0b71bb8e300b276"}} output parameter type description status code number http status code of the response reason string response reason phrase response text string output field response text output example {"status code" 200,"response headers" {"server" "nginx","date" "tue, 08 aug 2023 13 17 28 gmt","content length" "0","connection" "keep alive","vary" "accept, origin, cookie","allow" "get, post, put, patch, delete, head, options","content security policy" "default src 'self'; style src 'self' 'unsafe inline' s microsoft com cdn cloud ","strict transport security" "max age=31536000","x content type options" "nosniff","cache control" "no cache, no store","request id" "d980baba a243 43f0 a1ed d8 fetch alert retrieve an alert from microsoft cloud apps using the specified alert id as the primary key endpoint url /api/v1/alerts/{{alert id}}/ method get input argument name type required description path parameters alert id string required parameters for the fetch alert action input example {"path parameters" {"alert id" "603f704aaf7417985bbf3b22"}} output parameter type description status code number http status code of the response reason string response reason phrase id string unique identifier contextid string unique identifier description string output field description entities array output field entities entities entityrole string output field entities entityrole entities entitytype number type of the resource entities id string unique identifier entities inst number output field entities inst entities label string output field entities label entities pa string output field entities pa entities saas number output field entities saas entities type string type of the resource entities policytype string type of the resource idvalue number unique identifier issystemalert boolean output field issystemalert resolutionstatusvalue number status value severityvalue number value for the parameter statusvalue number status value stories array output field stories threatscore number score value timestamp number output field timestamp title string output field title comment string output field comment output example {"status code" 200,"response headers" {"server" "nginx","date" "wed, 09 aug 2023 07 25 08 gmt","content type" "application/json","content length" "30","connection" "keep alive","vary" "accept, origin, cookie","allow" "get, post, put, patch, delete, head, options","content security policy" "default src 'self'; style src 'self' 'unsafe inline' s microsoft com cdn cloud ","strict transport security" "max age=31536000","x content type options" "nosniff","cache control" "no cache, no store","requ fetch entity run a get request to retrieve an entity in microsoft cloud apps using the specified primary key, entity id endpoint url /api/v1/entities/{{entity id}}/ method get input argument name type required description path parameters entity id string required parameters for the fetch entity action input example {"path parameters" {"entity id" "eyjpzci6ijy3ogy4mgu1lwu1mdytngyxmc04otvklwjmnjy0njk5ndc1zcisinnhyxmiojexmtyxlcjpbnn0ijowfq=="}} output parameter type description status code number http status code of the response reason string response reason phrase type number type of the resource status number status value displayname string name of the resource id string unique identifier id string unique identifier usergroups array output field usergroups usergroups id string unique identifier usergroups id string unique identifier usergroups name string name of the resource usergroups description string output field usergroups description usergroups userscount number count value identifiers array unique identifier identifiers type number unique identifier identifiers status number unique identifier identifiers displayname string unique identifier sid object unique identifier appdata object response data appdata appid number response data appdata name string response data appdata saas number response data appdata instance number response data isadmin boolean output field isadmin isexternal boolean output field isexternal output example {"status code" 200,"response headers" {"server" "nginx","date" "tue, 08 aug 2023 13 36 40 gmt","content type" "application/json","transfer encoding" "chunked","connection" "keep alive","vary" "accept, origin, cookie","allow" "get, post, put, patch, delete, head, options","content security policy" "default src 'self'; script src 'self' 'unsafe eval' 'unsafe inline' dev virtuale ","strict transport security" "max age=31536000","x content type options" "nosniff","cache control" "no cache, no stor fetch entity tree run a get request to retrieve all entities related to the specified entity id in microsoft cloud apps endpoint url /api/v1/entities/{{entity id}}/retrieve tree/ method get input argument name type required description path parameters entity id string required a dictionary with the entity id, saas, and inst details encoded as a base64 string input example {"path parameters" {"entity id" "eyjpzci6ijy3ogy4mgu1lwu1mdytngyxmc04otvklwjmnjy0njk5ndc1zcisinnhyxmiojexmtyxlcjpbnn0ijowfq=="}} output parameter type description status code number http status code of the response reason string response reason phrase data array response data data type number response data data status number response data data displayname string response data data id string response data data id string response data data usergroups array response data data usergroups file name string response data data usergroups file string response data data identifiers array response data data identifiers type number response data data identifiers status number response data data identifiers displayname string response data data sid object response data data appdata object response data data appdata appid number response data data appdata name string response data data appdata saas number response data data appdata instance number response data data isadmin boolean response data data isexternal boolean response data data email string response data data role string response data output example {"status code" 200,"response headers" {"server" "nginx","date" "wed, 09 aug 2023 06 35 49 gmt","content type" "application/json","transfer encoding" "chunked","connection" "keep alive","vary" "accept, origin, cookie","allow" "get, head, options","content security policy" "font src 'self' s microsoft com c s microsoft com flow\ microsoft com data cdn ","strict transport security" "max age=31536000","x content type options" "nosniff","cache control" "no cache, no store","request id" "d283a942 fetch file retrieve a file from microsoft cloud apps using the specified file id as the primary key endpoint url /api/v1/files/{{file id}}/ method get input argument name type required description path parameters file id string required parameters for the fetch file action input example {"path parameters" {"file id" "603f704aaf7417985bbf3b22"}} output parameter type description status code number http status code of the response reason string response reason phrase output example {"status code" 200,"response headers" {"server" "nginx","date" "wed, 09 aug 2023 07 27 20 gmt","content type" "application/json","content length" "30","connection" "keep alive","vary" "accept, origin, cookie","allow" "get, post, put, patch, delete, head, options","content security policy" "frame src 'self' us2 portal cloudappsecurity com; img src 'self' 'self' data ","strict transport security" "max age=31536000","x content type options" "nosniff","cache control" "no cache, no store","requ generate block script run a get request to obtain a block script for your network appliance in microsoft cloud apps endpoint url /api/discovery block scripts/ method get input argument name type required description parameters format number optional parameters for the generate block script action input example {"parameters" {"format" 102}} output parameter type description status code number http status code of the response reason string response reason phrase data array response data data id string response data data appid number response data data domainlist array response data data name string response data data security object response data data security mfa object response data data security adminaudittrail object response data data security anonymous usage object response data data security cert object response data data security cert badcommonname object response data data security cert hostnamemismatch object response data data security cert insecuresignature object response data data security cert isblacklisted object response data data security cert isrevoked object response data data security cert nochainoftrust object response data data security cert notafter object response data data security cert notbefore object response data data security cert selfsigned object response data data security certistrusted boolean response data data security dataaudittrail object response data data security dataclassification object response data data security dataencrypted object response data output example {"status code" 200,"response headers" {"server" "nginx","date" "tue, 08 aug 2023 10 08 34 gmt","content type" "application/json","transfer encoding" "chunked","connection" "keep alive","vary" "accept, origin, cookie","allow" "get, post, head, options","content security policy" "font src 'self' s microsoft com c s microsoft com flow\ microsoft com data cdn ","strict transport security" "max age=31536000","x content type options" "nosniff","cache control" "no cache, no store","request id" "322 initiate file upload run the get request to initiate the file upload process in microsoft cloud apps using the specified filename endpoint url /api/v1/discovery/upload url/ method get input argument name type required description parameters filename string required parameters for the initiate file upload action parameters source string optional parameters for the initiate file upload action input example {"parameters" {"filename" "my discovery file txt","source" "generic cef"}} output parameter type description status code number http status code of the response reason string response reason phrase url string url endpoint for the request provider string unique identifier output example {"status code" 200,"response headers" {"server" "nginx","date" "mon, 07 aug 2023 09 26 53 gmt","content type" "application/json","content length" "258","connection" "keep alive","allow" "get, options","vary" "origin, cookie","content security policy" "font src 'self' s microsoft com c s microsoft com flow\ microsoft com data cdn ","strict transport security" "max age=31536000","x content type options" "nosniff","cache control" "no cache, no store","request id" "70a94534 d0d1 4dc6 a83b 6448d7 list alerts fetch a list of alerts from microsoft cloud apps that match the specified filters endpoint url /api/v1/alerts/ method post input argument name type required description filters object optional parameter for list alerts sortdirection string optional parameter for list alerts sortfield string optional parameter for list alerts skip number optional parameter for list alerts limit number optional parameter for list alerts input example {"json body" {"filters" {},"sortdirection" "asc","sortfield" "severity","skip" 5,"limit" 10}} output parameter type description status code number http status code of the response reason string response reason phrase data array response data data id string response data data contextid string response data data description string response data data entities array response data data entities id string response data data entities label string response data data entities policytype string response data data entities type string response data data entities em string response data data entities entitytype number response data data entities inst number response data data entities pa string response data data entities saas number response data data evidence array response data data evidence title object response data data evidence title template string response data data evidence title parameters mitre object parameters for the list alerts action data evidence title parameters tactic string parameters for the list alerts action data idvalue number response data data intent array response data data issystemalert boolean response data data resolutionstatusvalue number response data output example {"status code" 200,"response headers" {"server" "nginx","date" "wed, 09 aug 2023 07 32 02 gmt","content type" "application/json","transfer encoding" "chunked","connection" "keep alive","vary" "accept, origin, cookie","allow" "get, post, head, options","content security policy" "default src 'self'; script src 'self' 'unsafe eval' 'unsafe inline' dev virtuale ","strict transport security" "max age=31536000","x content type options" "nosniff","cache control" "no cache, no store","request id" "5bf list continuous report categories run a post request to retrieve categories linked to a continuous report in microsoft cloud apps requires streamid in the json body endpoint url /api/v1/discovery/discovered apps/categories/ method post input argument name type required description filters object optional parameter for list continuous report categories filters id object optional unique identifier filters id eq array optional unique identifier filters sortdirection string optional parameter for list continuous report categories filters sortfield string optional parameter for list continuous report categories filters skip number optional parameter for list continuous report categories filters limit number optional parameter for list continuous report categories filters streamid string optional unique identifier filters timeframe string optional parameter for list continuous report categories input example {"json body" {"filters" {"id" {"eq" \["64499022ab22621e53dd7865"]},"sortdirection" "asc","sortfield" "score","skip" 5,"limit" 10,"streamid" "64499022ab22621e53dd7865","timeframe" "7"}}} output parameter type description status code number http status code of the response reason string response reason phrase data array response data data id string response data data total number response data output example {"status code" 200,"response headers" {"server" "nginx","date" "mon, 07 aug 2023 11 29 56 gmt","content type" "application/json","content length" "665","connection" "keep alive","vary" "accept, origin, cookie","allow" "post, options","content security policy" "frame src 'self' us2 portal cloudappsecurity com; img src 'self' 'self' data ","strict transport security" "max age=31536000","x content type options" "nosniff","cache control" "no cache, no store","request id" "8242cc19 b920 4890 88 list continuous reports run a get request to retrieve a list of continuous reports in microsoft cloud apps endpoint url api/discovery/streams/ method get input argument name type required description data body object optional data body headers object optional request headers input example {"path parameters" {},"parameters" {},"data body" {},"headers" {}} output parameter type description status code number http status code of the response reason string response reason phrase streams array output field streams streams id string unique identifier streams logtype number type of the resource streams builtinstreamtype number type of the resource streams displayname string name of the resource streams streamtype number type of the resource streams snapshotdata boolean response data streams created string output field streams created streams ismanual boolean output field streams ismanual streams canupdatemasterstream boolean output field streams canupdatemasterstream streams supportedtraffictypes array type of the resource streams supportedtraffictypes file name string name of the resource streams supportedtraffictypes file string type of the resource streams supportedentitytypes array type of the resource streams supportedentitytypes file name string name of the resource streams supportedentitytypes file string type of the resource streams lastmodified string output field streams lastmodified streams receivertype string type of the resource streams tid number unique identifier streams lastdatareceived string response data streams logfileshistorycount number count value streams currentservicescollectionname string name of the resource streams globalaggregated boolean output field streams globalaggregated output example {"status code" 200,"response headers" {"server" "nginx","date" "mon, 07 aug 2023 11 17 03 gmt","content type" "application/json","transfer encoding" "chunked","connection" "keep alive","allow" "options, get","vary" "origin, cookie","content security policy" "default src 'self'; style src 'self' 'unsafe inline' s microsoft com cdn cloud ","strict transport security" "max age=31536000","x content type options" "nosniff","cache control" "no cache, no store","request id" "ab1cd0dd f15d 4cec b4c8 list entities fetch a list of entities in microsoft cloud apps using specified filters via a post request endpoint url /api/v1/entities/ method post input argument name type required description filters object optional parameter for list entities sortdirection string optional parameter for list entities sortfield string optional parameter for list entities skip number optional parameter for list entities limit number optional parameter for list entities input example {"json body" {"filters" {},"sortdirection" "asc","sortfield" "displayname","skip" 5,"limit" 10}} output parameter type description status code number http status code of the response reason string response reason phrase data array response data data type number response data data status number response data data displayname string response data data id string response data data id string response data data usergroups array response data data usergroups id string response data data usergroups id string response data data usergroups name string response data data usergroups description string response data data usergroups userscount number response data data identifiers array response data data identifiers file name string response data data identifiers file string response data data sid object response data data appdata object response data data appdata appid number response data data appdata name string response data data appdata saas number response data data appdata instance number response data data isadmin boolean response data data isexternal boolean response data output example {"status code" 200,"response headers" {"server" "nginx","date" "tue, 08 aug 2023 13 28 05 gmt","content type" "application/json","transfer encoding" "chunked","connection" "keep alive","vary" "accept, origin, cookie","allow" "get, post, head, options","content security policy" "default src 'self'; script src 'self' 'unsafe eval' 'unsafe inline' dev virtuale ","strict transport security" "max age=31536000","x content type options" "nosniff","cache control" "no cache, no store","request id" "42f list files post a request to retrieve a list of files in microsoft cloud apps that match specified filters endpoint url /api/v1/files/ method post input argument name type required description filters object optional parameter for list files skip number optional parameter for list files limit number optional parameter for list files input example {"json body" {"filters" {},"skip" 5,"limit" 10}} output parameter type description status code number http status code of the response reason string response reason phrase data array response data data file name string response data data file string response data hasnext boolean output field hasnext max number output field max total number output field total morethantotal boolean output field morethantotal output example {"status code" 200,"response headers" {"server" "nginx","date" "wed, 09 aug 2023 07 04 30 gmt","content type" "application/json","content length" "69","connection" "keep alive","vary" "accept, origin, cookie","allow" "get, post, head, options","content security policy" "font src 'self' s microsoft com c s microsoft com flow\ microsoft com data cdn ","strict transport security" "max age=31536000","x content type options" "nosniff","cache control" "no cache, no store","request id" "344f5d14 b0 list ip ranges request to fetch a list of ip ranges matching the specified filters in microsoft cloud apps endpoint url /api/v1/subnet/ method post input argument name type required description filters object optional parameter for list ip ranges sortdirection string optional parameter for list ip ranges sortfield string optional parameter for list ip ranges skip number optional parameter for list ip ranges limit number optional parameter for list ip ranges input example {"json body" {"filters" {},"sortdirection" "asc","sortfield" "category","skip" 5,"limit" 10}} output parameter type description status code number http status code of the response reason string response reason phrase data array response data data id string response data data name string response data data subnets array response data data subnets mask number response data data subnets address string response data data subnets originalstring string response data data location object response data data location name string response data data location latitude number response data data location longitude number response data data location countrycode string response data data location countryname string response data data organization string response data data tags array response data data tags id string response data data tags id string response data data tags target number response data data tags type number response data data tags name string response data data tags nametemplate object response data data tags nametemplate template string response data data tags description string response data output example {"status code" 200,"response headers" {"server" "nginx","date" "tue, 08 aug 2023 10 50 54 gmt","content type" "application/json","content length" "37","connection" "keep alive","vary" "accept, origin, cookie","allow" "get, post, head, options","content security policy" "default src 'self'; script src 'self' 'unsafe eval' 'unsafe inline' dev virtuale ","strict transport security" "max age=31536000","x content type options" "nosniff","cache control" "no cache, no store","request id" "0ddaf22f 90 manage ip address range use data enrichment apis to manage ip address ranges in microsoft cloud apps endpoint url /api/v1/subnet/ method post input argument name type required description filters object optional parameter for manage ip address range limit number optional parameter for manage ip address range input example {"json body" {"filters" {},"limit" 5}} output parameter type description status code number http status code of the response reason string response reason phrase data array response data data id string response data data name string response data data subnets array response data data subnets mask number response data data subnets address string response data data subnets originalstring string response data data location object response data data organization object response data data tags array response data data tags file name string response data data tags file string response data data category number response data data lastmodified number response data data tid number response data hasnext boolean output field hasnext total number output field total output example {"status code" 200,"response headers" {"server" "nginx","date" "wed, 09 aug 2023 10 25 55 gmt","content type" "application/json","content length" "411","connection" "keep alive","vary" "accept, origin, cookie","allow" "get, post, head, options","content security policy" "default src 'self'; style src 'self' 'unsafe inline' s microsoft com cdn cloud ","strict transport security" "max age=31536000","x content type options" "nosniff","cache control" "no cache, no store","request id" "3c6cafdf 1 mark alert as read mark a specific alert as read in microsoft cloud apps using the alert id as the primary key endpoint url /api/v1/alerts/{{alert id}}/read/ method post input argument name type required description path parameters alert id string required parameters for the mark alert as read action input example {"path parameters" {"alert id" "603f704aaf7417985bbf3b22"}} output parameter type description status code number http status code of the response reason string response reason phrase output example {"status code" 400,"response headers" {"server" "nginx","date" "mon, 07 aug 2023 09 12 15 gmt","content type" "application/json","content length" "140","connection" "keep alive","vary" "accept, origin, cookie","allow" "get, post, put, patch, delete, head, options","content security policy" "frame src 'self' us2 portal cloudappsecurity com; img src 'self' 'self' data ","strict transport security" "max age=31536000","x content type options" "nosniff","cache control" "no cache, no store","req mark alert as unread mark a specific alert as unread in microsoft cloud apps using the alert id path parameter endpoint url /api/v1/alerts/{{alert id}}/unread/ method post input argument name type required description path parameters alert id string required parameters for the mark alert as unread action input example {"path parameters" {"alert id" "649cc0f3967076e7d60db283"}} output parameter type description status code number http status code of the response reason string response reason phrase output example {"status code" 400,"response headers" {"server" "nginx","date" "mon, 07 aug 2023 09 18 39 gmt","content type" "application/json","content length" "144","connection" "keep alive","vary" "accept, origin, cookie","allow" "get, post, put, patch, delete, head, options","content security policy" "default src 'self'; style src 'self' 'unsafe inline' s microsoft com cdn cloud ","strict transport security" "max age=31536000","x content type options" "nosniff","cache control" "no cache, no store","req update ip address range run a post request to update an existing ip address range in microsoft cloud apps using the ip range id, name, and subnets endpoint url /api/v1/subnet/{{ip range id}}/update rule/ method post input argument name type required description path parameters ip range id string required parameters for the update ip address range action name string optional name of the resource category number optional parameter for update ip address range organization string optional parameter for update ip address range subnets array optional parameter for update ip address range tags array optional parameter for update ip address range input example {"json body" {"name" "range name update","category" 5,"organization" "microsoft","subnets" \["192 168 1 0/24","192 168 2 0/16"],"tags" \["existing tag"]},"path parameters" {"ip range id" "64d23c67d0b71bb8e300b276"}} output parameter type description status code number http status code of the response reason string response reason phrase name string name of the resource subnets array output field subnets subnets mask number output field subnets mask subnets address string output field subnets address subnets originalstring string output field subnets originalstring location object output field location organization string output field organization tags array output field tags category number output field category lastmodified number output field lastmodified output example {"status code" 200,"response headers" {"server" "nginx","date" "tue, 08 aug 2023 13 09 35 gmt","content type" "application/json","content length" "364","connection" "keep alive","vary" "accept, origin, cookie","allow" "post, options","content security policy" "script src 'self' 'unsafe eval' 'unsafe inline' dev virtualearth net cdn cloudap ","strict transport security" "max age=31536000","x content type options" "nosniff","cache control" "no cache, no store","request id" "7275323d 8fb4 4bc7 9a response headers header description example allow http response header allow get, post, put, patch, delete, head, options cache control directives for caching mechanisms no cache, no store connection http response header connection keep alive content encoding http response header content encoding gzip content length the length of the response body in bytes 411 content security policy http response header content security policy default src 'self'; style src 'self' 'unsafe inline' s microsoft com cdn cloudappsecurity com cloudappsecurity rs azureedge net prodportalmfcdndfl azureedge net; frame src 'self' us2 portal cloudappsecurity com; img src 'self' 'self' data blob adaproddiscovery azureedge net cdn cloudappsecurity com cloudappsecurity rs azureedge net prod03use2console1 blob core windows net us2 portal cloudappsecurity com; font src 'self' s microsoft com c s microsoft com flow\ microsoft com data cdn cloudappsecurity com cloudappsecurity rs azureedge net static2 sharepointonline com portal cloudappsecurity com portal cloudappsecurity com; connect src 'self' dc services visualstudio com dev virtualearth net cdn cloudappsecurity com cloudappsecurity rs azureedge net rs2euwportalreportsxgbr blob core windows net prod3use2portalreporxaly blob core windows net prod03use2console1 blob core windows net; script src 'self' 'unsafe eval' 'unsafe inline' dev virtualearth net cdn cloudappsecurity com cloudappsecurity rs azureedge net prodportalmfcdndfl azureedge net us2 portal cloudappsecurity com content type the media type of the resource application/json date the date and time at which the message was originated mon, 07 aug 2023 09 18 39 gmt request id http response header request id cadb6340 0767 4a0b b6e8 7c03ee242dea server information about the software used by the origin server nginx set cookie http response header set cookie cas sessionid=9xlk3spg5t2s33gxn24ifk6rs3k4hdd6; domain= us2 portal cloudappsecurity com; expires=wed, 09 aug 2023 08 32 02 gmt; httponly; max age=3600; path=/; secure strict transport security http response header strict transport security max age=31536000 transfer encoding http response header transfer encoding chunked vary http response header vary accept, origin, cookie x content type options http response header x content type options nosniff x xss protection http response header x xss protection 1; mode=block