MC306099: Adding new status to Microsoft 365 Defender incidents API

This update will bring a new status name to incidents in addition to the current “active”, “resolved” and “redirected”. The new status name will be “In progress”. This status will also be available in Microsoft 365 Defender incidents API, under the field name “status”.

Updated attributes for the field “status” in Microsoft 365 Defender incidents API:

  • Active
  • In progress (new)
  • Resolved
  • Redirected

Note: If you are not using Microsoft 365 Defender incidents API, you can safely disregard this message.

Key points

  • Timing: We will begin rolling this out in mid-January and expect to complete in early February.
  • Action: Update incidents API integration to include In progress
  • Roll-out: tenant level

How this will affect your organization

The addition of In progress will cause existing integrations with the incidents API to stop working in the following case:

  • If and only if your API integration has hard-coded logic based solely on the 3 old statuses (“Active”, “Resolved”, “Redirected”), that logic will fail when it receives the new status (In progress).

What you need to do to prepare

Be sure your incidents API integration is updated to include In progress.
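
One way to make an integration tolerate the new value is sketched below. It is an added example, not code from Microsoft or from this notice. The queue names, the incidentId field and the sample incidents are constructed, and the spelling normalization assumes the API may return the status either as “In progress” or without the space.

```python
import logging

log = logging.getLogger("incident_sync")

# Status names from this notice, keyed in normalized form.
# The queue names on the right are hypothetical internal states.
STATUS_TO_QUEUE = {
    "active": "triage",
    "inprogress": "working",   # the new status
    "resolved": "closed",
    "redirected": "merged",
}
FALLBACK_QUEUE = "needs_review"


def normalize_status(raw):
    """Lowercase and drop whitespace so 'In progress' and 'InProgress' match."""
    return "".join(str(raw or "").split()).lower()


def route_incident(incident):
    """Return the queue for one incident dict; never raise on an unknown status."""
    queue = STATUS_TO_QUEUE.get(normalize_status(incident.get("status")))
    if queue is None:
        # A status added later lands in a review queue instead of breaking the sync.
        log.warning("unrecognized incident status %r on incident %s",
                    incident.get("status"), incident.get("incidentId"))
        return FALLBACK_QUEUE
    return queue


def route_all(incidents):
    """Group incident ids by queue for a batch of incidents."""
    queues = {}
    for incident in incidents:
        queues.setdefault(route_incident(incident), []).append(incident.get("incidentId"))
    return queues


# Constructed sample batch, not real API output.
SAMPLE_INCIDENTS = [
    {"incidentId": 1, "status": "Active"},
    {"incidentId": 2, "status": "In progress"},
    {"incidentId": 3, "status": "Resolved"},
    {"incidentId": 4, "status": "Redirected"},
    {"incidentId": 5, "status": "SomeFutureStatus"},
]

if __name__ == "__main__":
    print(route_all(SAMPLE_INCIDENTS))
```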

Message ID: MC306099
Published: 17 December 2021
Updated: 17 December 2021
#FeatureUpdate #AdminImpact
Plan For Change

