|
<< Click to Display Table of Contents >> Raynet One Data Hub > 2026.2 > Connectors > Alphabetic Connector List > Microsoft Defender > Prerequisites API Permissions |
In order to use this connector, the following application permission must be configured for the app registration in Microsoft Entra ID. This is the minimum required permission following the principle of least privilege:
Permission |
Necessity |
Description |
|---|---|---|
Machine.Read.All |
mandatory |
Read machine information. All endpoint device data managed by Microsoft Defender for Endpoint will be extracted. |
This permission must be configured as an application permission (not a delegated permission) in the app registration. Application permissions allow the connector to run without a signed-in user context.
The permission is granted through the Microsoft Defender for Endpoint API (WindowsDefenderATP) resource, not through the standard Microsoft Graph API. When configuring API permissions in the app registration, select APIs my organization uses and search for WindowsDefenderATP to locate the correct resource.