Skip to Content

MC306099: Adding new status to Microsoft 365 Defender incidents API

This update will bring a new status name to incidents in addition to the current “active”, “resolved” and “redirected”. The new status name will be “In progress”. This status will also be available in Microsoft 365 Defender incidents API, under the field name “status”.

MC306099: Adding new status to Microsoft 365 Defender incidents API

Updated attributes for the field “status” in Microsoft 365 Defender incidents API:

  • Active
  • In progress (new)
  • Resolved
  • Redirected

Note: If you are not using Microsoft 365 Defender incidents API, you can safely disregard this message.

Key points

  • Timing: We will begin rolling this out in mid-January and expect to complete in early February.
  • Action: Update incidents API integration to include In progress
  • Roll-out: tenant level

How this will affect your organization

This addition of In progress will cause existing integrations with incidents API to not work.

  • If and only if your API has hard logic solely based on the 3 old statuses (“Active”, “Resolved”, “Redirected”), when you receive a new status (In progress), the logic will fail.

What you need to do to prepare

Be sure your incidents API integration is updated to include In progress.

Message ID: MC306099
Published: 17 December 2021
Updated: 17 December 2021
#FeatureUpdate #AdminImpact
Plan For Change

Tags

Tags

Ads Blocker Image Powered by Code Help Pro

Ads Blocker Detected!!!

We have detected that you are using extensions to block ads. We need money to operate the site, and almost all of it comes from online advertising. Please support us by disabling these ads blocker.

Please disable ad blocker