Microsoft Defender XDR API

Unified extended detection and response API for automating workflows based on shared incident and advanced hunting tables across Microsoft security products.

API entry from apis.yml

name: Microsoft Defender XDR API
description: Unified extended detection and response API for automating workflows based on shared incident
  and advanced hunting tables across Microsoft security products.
image: https://www.microsoft.com/favicon.ico
humanUrl: https://learn.microsoft.com/en-us/defender-xdr/api-overview
baseUrl: https://api.security.microsoft.com/api
tags:
- Advanced Hunting
- Event Streaming
- Incidents
- Threat Protection
- XDR
properties:
- type: Documentation
  url: https://learn.microsoft.com/en-us/defender-xdr/api-overview
- type: APIReference
  url: https://learn.microsoft.com/en-us/defender-xdr/api-supported
- type: Authentication
  url: https://learn.microsoft.com/en-us/defender-xdr/api-access
- type: Incidents API
  url: https://learn.microsoft.com/en-us/defender-xdr/api-incident
- type: Advanced Hunting API
  url: https://learn.microsoft.com/en-us/defender-xdr/api-advanced-hunting
- type: Streaming API
  url: https://learn.microsoft.com/en-us/defender-xdr/streaming-api
- type: Supported Event Types
  url: https://learn.microsoft.com/en-us/defender-xdr/supported-event-types
- type: ErrorCodes
  url: https://learn.microsoft.com/en-us/defender-xdr/api-error-codes