2.7 KiB
title, description, keywords, search.product, search.appverid, ms.prod, ms.mktglfcycl, ms.sitesec, ms.pagetype, ms.author, author, ms.localizationpriority, manager, audience, ms.collection, ms.topic
| title | description | keywords | search.product | search.appverid | ms.prod | ms.mktglfcycl | ms.sitesec | ms.pagetype | ms.author | author | ms.localizationpriority | manager | audience | ms.collection | ms.topic |
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Enable the custom threat intelligence API in Microsoft Defender ATP | Learn how to setup the custom threat intelligence application in Microsoft Defender ATP to create custom threat intelligence (TI). | enable custom threat intelligence application, custom ti application, application name, client id, authorization url, resource, client secret, access tokens | eADQiWindows 10XVcnh | met150 | w10 | deploy | library | security | macapara | mjcaparas | medium | dansimp | ITPro | M365-security-compliance | article |
Enable the custom threat intelligence API in Microsoft Defender ATP (Deprecated)
Applies to:
Tip
This topic has been deprecated. See Indicators for the updated content.
Want to experience Microsoft Defender ATP? Sign up for a free trial.
Before you can create custom threat intelligence (TI) using REST API, you'll need to set up the custom threat intelligence application through Microsoft Defender Security Center.
-
In the navigation pane, select Settings > Threat intel.
-
Select Enable threat intel API. This activates the Azure Active Directory application setup sections with pre-populated values.
-
Copy the individual values or select Save details to file to download a file that contains all the values.
Warning
The client secret is only displayed once. Make sure you keep a copy of it in a safe place.
For more information about getting a new secret see, Learn how to get a new secret. -
Select Generate tokens to get an access and refresh token.
You’ll need to use the access token in the Authorization header when doing REST API calls.
Related topics
- Understand threat intelligence concepts
- Create custom alerts using the threat intelligence API
- PowerShell code examples for the custom threat intelligence API
- Python code examples for the custom threat intelligence API
- Experiment with custom threat intelligence alerts
- Troubleshoot custom threat intelligence issues