Microsoft Sentinel REST API

The Microsoft Sentinel REST API provides programmatic access to security incident management, threat intelligence, watchlists, analytics rules, and automation playbooks. Developers can manage incidents, configure data connectors, create custom detection rules, and automate security response workflows through Azure Resource Manager endpoints.

API entry from apis.yml

aid: microsoft-sentinel:rest-api
name: Microsoft Sentinel REST API
tags:
- Security
- SIEM
- SOAR
- Threat Detection
image: https://kinlane-productions.s3.amazonaws.com/apis-json/apis-json-logo.jpg
baseURL: https://management.azure.com/
humanURL: https://learn.microsoft.com/en-us/rest/api/securityinsights/
properties:
- url: https://learn.microsoft.com/en-us/rest/api/securityinsights/
  type: Documentation
- url: https://learn.microsoft.com/en-us/azure/sentinel/quickstart-onboard
  type: Getting Started
description: The Microsoft Sentinel REST API provides programmatic access to security incident management,
  threat intelligence, watchlists, analytics rules, and automation playbooks. Developers can manage incidents,
  configure data connectors, create custom detection rules, and automate security response workflows through
  Azure Resource Manager endpoints.