diff --git a/windows/security/threat-protection/windows-defender-atp/exposed-apis-create-app-nativeapp.md b/windows/security/threat-protection/windows-defender-atp/exposed-apis-create-app-nativeapp.md index 71b50119af..0208b3ef98 100644 --- a/windows/security/threat-protection/windows-defender-atp/exposed-apis-create-app-nativeapp.md +++ b/windows/security/threat-protection/windows-defender-atp/exposed-apis-create-app-nativeapp.md @@ -41,6 +41,8 @@ In general, you’ll need to take the following steps to use the APIs: This page explains how to create an app, get an access token to Windows Defender ATP and validate the token includes the required permission. +**Note**: When accessing WDATP API on behalf of a user, you will need the correct app permission and user permission. + ## Create an app 1. Log on to [Azure](https://portal.azure.com). @@ -51,16 +53,16 @@ This page explains how to create an app, get an access token to Windows Defender 3. In the Create window, enter the following information then click **Create**. - ![Image of Create application window](images/webapp-create.png) + ![Image of Create application window](images/nativeapp-create.png) - - **Name:** WdatpEcosystemPartner - - **Application type:** Web app / API - - **Redirect URI:** `https://WdatpEcosystemPartner.com` (The URL where user can sign in and use your app. You can change this URL later.) + - **Name:** + - **Application type:** Native + - **Redirect URI:** `https://127.0.0.1` 4. Click **Settings** > **Required permissions** > **Add**. - ![Image of new app in Azure](images/webapp-add-permission.png) + ![Image of new app in Azure](images/nativeapp-add-permission.png) 5. Click **Select an API** > **WindowsDefenderATP**, then click **Select**. diff --git a/windows/security/threat-protection/windows-defender-atp/exposed-apis-create-app-webapp.md b/windows/security/threat-protection/windows-defender-atp/exposed-apis-create-app-webapp.md index fb5bfa9d7f..47d539a280 100644 --- a/windows/security/threat-protection/windows-defender-atp/exposed-apis-create-app-webapp.md +++ b/windows/security/threat-protection/windows-defender-atp/exposed-apis-create-app-webapp.md @@ -150,9 +150,9 @@ For more details on AAD token, refer to [AAD tutorial](https://docs.microsoft.co string appSecret = "22222222-2222-2222-2222-222222222222"; // Paste your own app secret here const string authority = "https://login.windows.net"; - const string wdatpResource = "https://api.securitycenter.windows.com/"; + const string wdatpResourceId = "https://api.securitycenter.windows.com/"; - AuthenticationContext auth = new AuthenticationContext($"{aadUri}/{tenantId}/"); + AuthenticationContext auth = new AuthenticationContext($"{authority}/{tenantId}/"); ClientCredential clientCredential = new ClientCredential(appId, appSecret); AuthenticationResult authenticationResult = auth.AcquireTokenAsync(wdatpResourceId, clientCredential).GetAwaiter().GetResult(); string token = authenticationResult.AccessToken; diff --git a/windows/security/threat-protection/windows-defender-atp/images/nativeapp-add-permission.png b/windows/security/threat-protection/windows-defender-atp/images/nativeapp-add-permission.png new file mode 100644 index 0000000000..32860c3359 Binary files /dev/null and b/windows/security/threat-protection/windows-defender-atp/images/nativeapp-add-permission.png differ diff --git a/windows/security/threat-protection/windows-defender-atp/images/nativeapp-create.png b/windows/security/threat-protection/windows-defender-atp/images/nativeapp-create.png new file mode 100644 index 0000000000..05d76ec807 Binary files /dev/null and b/windows/security/threat-protection/windows-defender-atp/images/nativeapp-create.png differ