@ovinvinwath ovinvinwath commented Sep 7, 2025

Focus: Security Settings Collection for compliance

Overview: Developed a security compliance assessment API for Microsoft 365 environments using FastAPI. The API enables automated security control evaluations through dedicated endpoints. Due to E5 tenant access limitations, I am skipping over the get_token function in security.py and the Pydantic models as a review of these now is counterintuitive. The endpoints are listed below:

  1. GET /api/v1/compliance/security/mfa-settings – MFA configuration
  2. GET /api/v1/compliance/security/conditional-access – Conditional access
  3. GET /api/v1/compliance/security/external-sharing – External sharing settings
  4. GET /api/v1/compliance/security/admin-roles – Admin role assignments

link to planner:

https://teams.microsoft.com/l/entity/com.microsoft.teamspace.tab.planner/mytasks?tenantId=d02378ec-1688-46d5-8540-1c28b5f470f6&webUrl=https%3A%2F%2Ftasks.teams.microsoft.com%2Fteamsui%2FpersonalApp%2Falltasklists&context=%7B%22subEntityId%22%3A%22%2Fv1%2Fplan%2FlcHW9ElPMUK9pRly1LHeX8gABVGl%2Fview%2Fgrid%2Ftask%2F7xuLBhysAEeuUhma6aZ1P8gAEPFw%22%7D

Member

@dec1belPP dec1belPP left a comment

Hey @ovinvinwath, thank you for the PR. As we discussed before, since your implementation and testing of these endpoints were limited due to no access to an E5 tenant, please update the PR and ticket to document this.

Due to this limitation, I am skipping over the get_token function in security.py and the Pydantic models as a review of these now is counterintuitive.

However, there are some other fixes that are needed before this can be merged outlined below:

1. Missing Required Dependencies

Code uses aiohttp and azure.identity but these are not in pyproject.toml:
Fix: Add missing dependencies and commit pyproject.toml

Duplicate Imports

auth is imported twice at lines 7 and 10 in main.py.
Fix: Remove duplicate import

2. Duplicate Routing

configure_routing already includes routers individually.
Fix: Remove app/api/v1/__init__.py to prevent duplication and keep routing clearer, and update the implementation as necessary.

Author

ovinvinwath commented Sep 18, 2025

Hi Pasindu, I've made some changes to the files as per your request. I've updated the toml file, deleted the code in the api/v1 init.py file and removed duplicate code. Thank you.

@dec1belPP
Member

Hi @ovinvinwath, could you also resolve the conflicts? Thank you.

@ovinvinwath
Author

Hi Passindu, I made the necessary changes to the main.py file and have resolved the merge conflicts. Thank you.
