# Add Permissions to the Application - Defender for Endpoint

{% hint style="warning" %}
This document is under construction. Please excuse our dust.
{% endhint %}

The application you created in the previous section requires additional API permissions to access Defender for Endpoint. 

#### Step 1: 

* Sign into your Azure account.
* Go to the App you created on [register-epiphany-as-an-application-in-azure](https://docs.reveald.com/technical-documentation/data-sources/azure-services/register-epiphany-as-an-application-in-azure "mention") and navigate to **API permissions**. \ <br>

  <figure><img src="https://4132260347-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2Ftkp3obVDMu3n9ZTUpfEP%2Fuploads%2F1GQBHURSavX8Zp9MlyoJ%2Fimage.png?alt=media&#x26;token=353c3413-de25-4699-93f2-b037edb14d4a" alt=""><figcaption></figcaption></figure>

#### Step 2:

* Select **Add a permission**
* Select **APIs my organization uses**
* In the search box, type **WindowsDefenderATP**.&#x20;
* Select **WindowsDefenderATP**.&#x20;

Step 3:&#x20;

<figure><img src="https://4132260347-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2Ftkp3obVDMu3n9ZTUpfEP%2Fuploads%2F92oZA6Xzp6oRbS9iVP1L%2Fapplication-permissions.png?alt=media&#x26;token=e6789de3-29c1-4ece-a1e6-e736c5ca91e3" alt=""><figcaption></figcaption></figure>

* Select the following permissions:&#x20;
  * Machine.Read.All&#x20;
  * User.Read.All&#x20;
  * Alert.Read.All&#x20;
  * Software.Read.All&#x20;
  * Vulnerability.Read.All&#x20;
* Select **Add permissions**

Step 4:

Every time you add a permission, you must select **Grant consent** for the new permission to take effect.

<figure><img src="https://4132260347-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2Ftkp3obVDMu3n9ZTUpfEP%2Fuploads%2FDTPV6wlvDexG9UikrZ9V%2Fgrant-consent.png?alt=media&#x26;token=bff963d2-a623-4f5a-983c-220fbbb64ecd" alt=""><figcaption></figcaption></figure>

* Select **Grant admin consent for \[Application Name]**