In the fn_microsoft_security_graph the URL that defines the scope used to request permissions is hardcoded as https://graph.microsoft.com/.default, which doesn't work for GCC High (gov cloud) connections.
After running the integration in my debugger I found the get_alerts function was recieveing the following response:
Description
In the fn_microsoft_security_graph the URL that defines the scope used to request permissions is hardcoded as
https://graph.microsoft.com/.default
, which doesn't work for GCC High (gov cloud) connections.After running the integration in my debugger I found the
get_alerts
function was recieveing the following response:Setting scope to
https://graph.microsoft.us/.default
appears to fix the problem.Describe How to Reproduce
Configure the integration to communicate with GCC High.