Microsoft Cloud App Security gives you visibility into your cloud apps and services, provides sophisticated analytics to identify and combat cyberthreats and enables you to control how your data travels.
Status: Production |
Tier: Standard |
Version: 1.0 |
Name |
Summary |
MCAS_ON_ALERT_GENERATED (MCAS_ON_ALERT_GENERATEDParameterBody body) |
When an alert is generated |
Name |
Summary |
Activities |
|
Open alerts |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Policy |
Summary: Delete flow
Description: Deletes a flow
Syntax:
CloudAppSecurity.MCAS_DELETE_FLOW (string flow_id)
Parameters:
Name |
Type |
Summary |
Required |
Related Action |
flow_id |
string
|
|
True |
Returns:
Type:string
Summary: (Deprecated) Dismiss Cloud App Security alert
Description: Dismiss Cloud App Security alert by alert ID (deprecated version)
Syntax:
CloudAppSecurity.MCAS_DISMISS_ALERT (MCAS_DISMISS_ALERTParameterBody body)
Parameters:
Name |
Type |
Summary |
Required |
Related Action |
body |
MCAS_DISMISS_ALERTParameterBody
|
|
True |
Returns:
Summary: (Deprecated) Resolve Cloud App Security alert
Description: Resolve Cloud App Security alert by alert ID (deprecated version)
Syntax:
CloudAppSecurity.MCAS_RESOLVE_ALERT (MCAS_RESOLVE_ALERTParameterBody body)
Parameters:
Name |
Type |
Summary |
Required |
Related Action |
body |
MCAS_RESOLVE_ALERTParameterBody
|
|
True |
Returns:
Summary: Close Cloud App Security alert as false positive
Description: Close Cloud App Security alert by alert ID as false positive
Syntax:
CloudAppSecurity.MCAS_CLOSE_ALERT_FALSE_POSITIVE (MCAS_CLOSE_ALERT_FALSE_POSITIVEParameterBody body)
Parameters:
Name |
Type |
Summary |
Required |
Related Action |
body |
MCAS_CLOSE_ALERT_FALSE_POSITIVEParameterBody
|
|
True |
Returns:
Summary: Close Cloud App Security alert as true positive
Description: Close Cloud App Security alert by alert ID as true positive
Syntax:
CloudAppSecurity.MCAS_CLOSE_ALERT_TRUE_POSITIVE (MCAS_CLOSE_ALERT_TRUE_POSITIVEParameterBody body)
Parameters:
Name |
Type |
Summary |
Required |
Related Action |
body |
MCAS_CLOSE_ALERT_TRUE_POSITIVEParameterBody
|
|
True |
Returns:
Summary: Close Cloud App Security alert as benign
Description: Close Cloud App Security alert by alert ID as benign
Syntax:
CloudAppSecurity.MCAS_CLOSE_ALERT_BENIGN (MCAS_CLOSE_ALERT_BENIGNParameterBody body)
Parameters:
Name |
Type |
Summary |
Required |
Related Action |
body |
MCAS_CLOSE_ALERT_BENIGNParameterBody
|
|
True |
Returns:
Summary: Disable Cloud App Security policy
Description: Disable Cloud App Security policy by policy ID
Syntax:
CloudAppSecurity.MCAS_DISABLE_POLICY (string policy_id)
Parameters:
Name |
Type |
Summary |
Required |
Related Action |
policy_id |
string (Provider policy ID) |
Enter provider policy ID... |
True |
Returns:
Summary: Enable Cloud App Security policy
Description: Enable Cloud App Security policy by policy ID
Syntax:
CloudAppSecurity.MCAS_ENABLE_POLICY (string policy_id)
Parameters:
Name |
Type |
Summary |
Required |
Related Action |
policy_id |
string (Provider policy ID) |
Enter provider policy ID... |
True |
Returns:
Summary: Get Cloud App Security open alerts
Description: Get Cloud App Security open alerts
Syntax:
CloudAppSecurity.MCAS_GET_OPEN_ALERTS (MCAS_GET_OPEN_ALERTSParameterBody body)
Parameters:
Name |
Type |
Summary |
Required |
Related Action |
body |
MCAS_GET_OPEN_ALERTSParameterBody
|
|
True |
Returns:
Type:AlertsAPIResult
Summary: Open alerts
Summary: Get Cloud App Security policy
Description: Get Cloud App Security policy by policy ID
Syntax:
CloudAppSecurity.MCAS_GET_POLICY (string policy_id, MCAS_GET_POLICYParameterBody body)
Parameters:
Name |
Type |
Summary |
Required |
Related Action |
policy_id |
string (Provider policy ID) |
Enter provider policy ID... |
True |
|
body |
|
|
True |
Returns:
Type:PolicyAPIResult
Summary: Policy
Summary: Get Cloud App Security activities
Description: Get Cloud App Security activities performed by Azure AD user ID
Syntax:
CloudAppSecurity.MCAS_GET_ACTIVITIES (MCAS_GET_ACTIVITIESParameterBody body)
Parameters:
Name |
Type |
Summary |
Required |
Related Action |
body |
MCAS_GET_ACTIVITIESParameterBody
|
|
True |
Returns:
Type:ActivitiesAPIResult
Summary: Activities
Summary: Tag app as sanctioned
Description: Tag app as sanctioned by app ID
Syntax:
CloudAppSecurity.MCAS_TAG_APP_SANCTIONED (integer app_id, MCAS_TAG_APP_SANCTIONEDParameterBody body)
Parameters:
Name |
Type |
Summary |
Required |
Related Action |
app_id |
integer(int32) (Cloud Application) |
Enter Cloud Application ID... |
True |
|
body |
MCAS_TAG_APP_SANCTIONEDParameterBody
|
|
True |
Returns:
Summary: Tag app as unsanctioned
Description: Tag app as unsanctioned by app ID
Syntax:
CloudAppSecurity.MCAS_TAG_APP_UNSANCTIONED (integer app_id, MCAS_TAG_APP_UNSANCTIONEDParameterBody body)
Parameters:
Name |
Type |
Summary |
Required |
Related Action |
app_id |
integer(int32) (Cloud Application) |
Enter Cloud Application ID... |
True |
|
body |
MCAS_TAG_APP_UNSANCTIONEDParameterBody
|
|
True |
Returns:
Summary: When an alert is generated
Description: Triggers when a Cloud App Security alert is generated. After configuring your flow, go to the Cloud App Security policy page, and specify this flow in one of your policies.
Syntax:
CloudAppSecurity.MCAS_ON_ALERT_GENERATED (MCAS_ON_ALERT_GENERATEDParameterBody body)
Parameters:
Name |
Type |
Summary |
Required |
Related Action |
body |
MCAS_ON_ALERT_GENERATEDParameterBody
|
|
True |
Returns:
Summary: Activities
Description:
Properties:
Name |
Type |
Summary |
data |
array of (DataItem)
|
Activities by AAD user ID |
Summary:
Description:
Properties:
Name |
Type |
Summary |
Summary: Open alerts
Description:
Properties:
Name |
Type |
Summary |
data |
array of (DataItem)
|
Get open alerts |
Summary:
Description:
Properties:
Name |
Type |
Summary |
Summary:
Description:
Properties:
Name |
Type |
Summary |
filters |
|
filters |
comment |
string
|
Comment |
Summary:
Description: filters
Properties:
Name |
Type |
Summary |
id |
|
id |
Summary:
Description: id
Properties:
Name |
Type |
Summary |
eq |
array of (string)
|
eq |
Summary:
Description:
Properties:
Name |
Type |
Summary |
filters |
|
filters |
comment |
string
|
Comment |
Summary:
Description: filters
Properties:
Name |
Type |
Summary |
id |
|
id |
Summary:
Description: id
Properties:
Name |
Type |
Summary |
eq |
array of (string)
|
eq |
Summary:
Description:
Properties:
Name |
Type |
Summary |
filters |
|
filters |
comment |
string
|
Comment |
Summary:
Description: filters
Properties:
Name |
Type |
Summary |
id |
|
id |
Summary:
Description: id
Properties:
Name |
Type |
Summary |
eq |
array of (string)
|
eq |
Summary:
Description:
Properties:
Name |
Type |
Summary |
filters |
|
filters |
comment |
string
|
Comment |
Summary:
Description: filters
Properties:
Name |
Type |
Summary |
id |
|
id |
Summary:
Description: id
Properties:
Name |
Type |
Summary |
eq |
array of (string)
|
eq |
Summary:
Description:
Properties:
Name |
Type |
Summary |
skip |
integer(int32)
|
skip |
limit |
integer(int32)
|
Enter limit... |
filters |
|
filters |
sortField |
string
|
sortField |
sortDirection |
string
|
sortDirection |
Summary:
Description: filters
Properties:
Name |
Type |
Summary |
entity |
|
entity |
Summary:
Description: entity
Properties:
Name |
Type |
Summary |
eq |
array of (EqItem)
|
eq |
Summary:
Description:
Properties:
Name |
Type |
Summary |
id |
string
|
Enter AAD User ID... |
saas |
integer(int32)
|
saas |
inst |
integer(int32)
|
inst |
Summary:
Description:
Properties:
Name |
Type |
Summary |
skip |
integer(int32)
|
skip |
limit |
integer(int32)
|
Enter limit... |
filters |
|
filters |
sortField |
string
|
sortField |
sortDirection |
string
|
sortDirection |
projectedMSFlowFields |
boolean
|
projectedMSFlowFields |
Summary:
Description: filters
Properties:
Name |
Type |
Summary |
Summary:
Description:
Properties:
Name |
Type |
Summary |
projectedMSFlowFields |
string
|
projectedMSFlowFields |
Summary:
Description:
Properties:
Name |
Type |
Summary |
callback_url |
string
|
callback_url |
Summary:
Description:
Properties:
Name |
Type |
Summary |
filters |
|
filters |
comment |
string
|
Comment |
Summary:
Description: filters
Properties:
Name |
Type |
Summary |
id |
|
id |
Summary:
Description: id
Properties:
Name |
Type |
Summary |
eq |
array of (string)
|
eq |
Summary:
Description:
Properties:
Name |
Type |
Summary |
sanction |
string
|
sanction |
Summary:
Description:
Properties:
Name |
Type |
Summary |
ban |
string
|
ban |
Summary: Policy
Description:
Properties:
Name |
Type |
Summary |
name |
string Name |
The name of the policy |
description |
string Description |
The description of the policy |
policyType |
string Type |
The type of the policy |
alertDailyLimit |
integer Daily alert limit |
Daily limit of generated alerts |
lastModified |
number Last modified |
Last modified timestamp |