You can use the Microsoft Graph Security API to connect Microsoft security products, services, and partners to streamline security operations and improve threat protection, detection, and response capabilities. The Microsoft Graph Security API is an intermediary service (or broker) that provides a single programmatic interface to connect multiple Microsoft Graph Security providers (also called security providers or providers). Requests to the Microsoft Graph Security API are federated to all applicable security providers.
- The application user signs in to the provider application to view the consent form from the provider. This consent form experience or UI is owned by the provider and applies to non-Microsoft providers only to get explicit consent from their customers to send requests to Microsoft Graph Security API.
- The client consent is stored on the provider side.
- The provider consent service calls the Microsoft Graph Security API to inform consent approval for the respective customer.
- The application sends a request to the Microsoft Graph Security API.
- The Microsoft Graph Security API checks for the consent information for this customer mapped to various providers.
- The Microsoft Graph Security API calls all those providers the customer has given explicit consent to via the provider consent experience.
- The response is returned from all the consented providers for that client.
- The result set response is returned to the application.
- If the customer has not consented to any provider, no results from those providers are included in the response.