We’ve renamed Microsoft Cloud App Security. It’s now called Microsoft Defender for Cloud Apps. In the coming weeks, we’ll update the screenshots and instructions here and in related pages. For more information about the change, see this announcement. To learn more about the recent renaming of Microsoft security services, see the Microsoft Ignite Security blog.
This API is not available for Office 365 Cloud App Security.
The Entities API provides you with basic information about the users and accounts using your organization’s cloud apps, allowing you to understand service use patterns.
The following lists the supported requests:
For information about how filters work, see Filters.
The following table describes the supported filters:
|type||string||eq, neq||Filter entities by their type|
|isAdmin||string||eq||Filter entities that are admins|
|entity||entity pk||eq, neq||Filter entities with specific entities pks. If a user is selected, will also return all of its accounts. Example:
|userGroups||string||eq, neq||Filter entities by their associated group IDs|
|app||integer||eq, neq||Filter entities using services with the specified SaaS ID for example: 11770|
|instance||integer||eq, neq||Filter entities using services with the specified Appstances (SaaS ID and Instance ID), for example: 11770, 1059065|
|isExternal||boolean||eq||The entity’s affiliation. Possible values include:
|domain||string||eq, neq, isset, isnotset||The entity’s related domain|
|organization||string||eq, neq, isset, isnotset||Filter entities with the specified organization unit|
|status||string||eq, neq||Filter entities by status. Possible values include:
|score||integer||lt, gt, isset, isnotset||Filter entities by their Investigation Priority Score|
If you run into any problems, we’re here to help. To get assistance or support for your product issue, please open a support ticket.