This update will bring a new status name to incidents in addition to the current “active”, “resolved” and “redirected”. The new status name will be “In progress”. This status will also be available in Microsoft 365 Defender incidents API, under the field name “status”.
Updated attributes for the field “status” in Microsoft 365 Defender incidents API:
- Active
- In progress (new)
- Resolved
- Redirected
Note: If you are not using Microsoft 365 Defender incidents API, you can safely disregard this message.
Key points
- Timing: We will begin rolling this out in mid-January and expect to complete in early February.
- Action: Update incidents API integration to include In progress
- Roll-out: tenant level
How this will affect your organization
This addition of In progress will cause existing integrations with incidents API to not work.
- If and only if your API has hard logic solely based on the 3 old statuses (“Active”, “Resolved”, “Redirected”), when you receive a new status (In progress), the logic will fail.
What you need to do to prepare
Be sure your incidents API integration is updated to include In progress.
Message ID: MC306099
Published: 17 December 2021
Updated: 17 December 2021
#FeatureUpdate #AdminImpact
Plan For Change
