How do i query Azure Security Center SecureScore through Graph API?

0
votes

Im trying to access Microsoft Graph API to get the secureScore for Azure Security Center, but im unable to find the endpoint that gives me this information. I can easily find the secureScore for Office 365 through https://graph.microsoft.com/beta/security/secureScores, but this doesn't give me the one for Azure.

I'm authentication towards Graph using a App Registration. This is the code used to get the secureScore for Office 365:

#Assign the Client/Application ID, Client Secret and Tenant Domain
$ClientID = 'CLIENTID'
$ClientSecret = 'CLIENTSECRET'
$tenantdomain = 'TENANTNAME.onmicrosoft.com'

$loginURL = "https://login.microsoft.com"
$resource = "https://graph.microsoft.com"
$body       = @{grant_type="client_credentials";resource=$resource;client_id=$ClientID;client_secret=$ClientSecret}
$oauth      = Invoke-RestMethod -Method Post -Uri $loginURL/$tenantdomain/oauth2/token?api-version=1.0 -Body $body

$headerParams = @{'Authorization'="$($oauth.token_type) $($oauth.access_token)"}
[uri]$uriGraphEndpoint = "https://graph.microsoft.com/beta/security/secureScores"
$response = Invoke-RestMethod -Method Get -Uri $uriGraphEndpoint.AbsoluteUri -Headers $headerParams

Can anyone point me in the right direction?

1
microsoft-graph-apiazure-ad-graph-api

1 Answers

0
votes

Currently it's not supported to get the ASC SecureScore through Graph API or ASC Rest API.

The data on Azure portal is got from internal API which is not recommended to use.

You could post your idea on Azure Security Center User Voice to get the attention of MS product group.