api-discovery.md

title	description	ms.date	ms.topic
Defender for Cloud Apps Cloud Discovery API	This article provides information about using the Cloud Discovery API.	01/29/2023	reference

Cloud Discovery API

Cloud Discovery APIs allow developers to automate log uploads, list and interact with discovered apps, and generate block scripts for enforcement by a firewall or a Security Web Gateway.

Automate log updates

Cloud Discovery APIs for automating log uploads enable you to upload files generated by your firewall or Security Web Gateway to find Shadow IT in your cloud environment and list discovered cloud apps.

Use the Cloud Discovery API to automate the uploading of your company's discovery log files. The file upload process consists of the following 3 API endpoints which must be called consecutively.

• Initiate file upload
• Perform file upload
• Finalize file upload

List continuous reports and categories

As part of its Cloud Discovery solution, Defender for Cloud Apps uses continuous reports. These reports represent an automatic log upload from a specific data source (such as your Microsoft Defender for Endpoint devices). Each continuous report contains the following:

• Discovered apps: All apps found in the specified continuous report
• Categories: All app categories associated with the specified continuous report

You can use the following API endpoints to work with continuous reports.

• List continuous reports
• List continuous report categories

Blocking unsanctioned applications using a firewall or Security Web Gateway

Defender for Cloud Apps enables you to block access to unsanctioned apps by using your existing on-premises security appliances. Use the Generate block script call to get a dedicated block script and import it to your appliance.

• Generate block script

[!INCLUDE Open support ticket]