Merge branch 'master' into lsaldanha-4620497-batch14

windows/security/threat-protection/microsoft-defender-atp/run-advanced-query-sample-powershell.md

@@ -21,12 +21,18 @@ ms.topic: article
 
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
+
 **Applies to:**
 - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
 > Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink)
 
+[!include[Microsoft Defender for Endpoint API URIs for US Government](../../includes/microsoft-defender-api-usgov.md)]
+
+[!include[Improve request performance](../../includes/improve-request-performance.md)]
+
+
 Run advanced queries using PowerShell, see [Advanced Hunting API](run-advanced-query-api.md).
 
 In this section, we share PowerShell samples to retrieve a token and use it to run a query.
@@ -53,8 +59,8 @@ $tenantId = '00000000-0000-0000-0000-000000000000' # Paste your own tenant ID he
 $appId = '11111111-1111-1111-1111-111111111111' # Paste your own app ID here
 $appSecret = '22222222-2222-2222-2222-222222222222' # Paste your own app secret here
 
-$resourceAppIdUri = 'https://api.securitycenter.windows.com'
-$oAuthUri = "https://login.windows.net/$TenantId/oauth2/token"
+$resourceAppIdUri = 'https://api.securitycenter.microsoft.com'
+$oAuthUri = "https://login.microsoftonline.com/$TenantId/oauth2/token"
 $body = [Ordered] @{
     resource = "$resourceAppIdUri"
     client_id = "$appId"
@@ -77,7 +83,7 @@ Run the following query:
 ```
 $query = 'RegistryEvents | limit 10' # Paste your own query here
 
-$url = "https://api.securitycenter.windows.com/api/advancedqueries/run"
+$url = "https://api.securitycenter.microsoft.com/api/advancedqueries/run"
 $headers = @{ 
     'Content-Type' = 'application/json'
     Accept = 'application/json'