Skip to content

[Microsoft Defender for Cloud]: (microsoft_defender_cloud) make OAuth2 endpoint params configurable #16135

New issue
New issue
Open
Open
[Microsoft Defender for Cloud]: (microsoft_defender_cloud) make OAuth2 endpoint params configurable#16135
Labels
Integration:microsoft_defender_cloudMicrosoft Defender for CloudTeam:Security-Service IntegrationsSecurity Service Integrations team [elastic/security-service-integrations]enhancementNew feature or requestneeds:triage
@a03nikki

Description

@a03nikki
a03nikki
opened on Nov 26, 2025

Integration Name

Microsoft Defender for Cloud [microsoft_defender_cloud]

Dataset Name

No response

Integration Version

3.1.1

Agent Version

9.2.1

OS Version and Architecture

Debian

User Goal

Configure the integration to work with Microsoft's Partner Center and its granular delegated admin privileges (GDAP) constructs to authorize and collect tenant information.

Existing Features

Similar to work we previously did for both Microsoft Office 365 (#14924) and Microsoft Defender Endpoint (#15605), we need to expose the "OAuth2 Endpoint Params" via the integration to allow users to modify the grant_type and the refresh_token value.

What did you see?

This integrations options: https://www.elastic.co/docs/reference/integrations/microsoft_defender_cloud

The other integration options:

Anything else?

Similar to #15605, #14924, and #16134.

Metadata

Metadata

Assignees

No one assigned

    Labels

    Integration:microsoft_defender_cloudMicrosoft Defender for CloudTeam:Security-Service IntegrationsSecurity Service Integrations team [elastic/security-service-integrations]enhancementNew feature or requestneeds:triage

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions