About the connector
Azure Notification Hubs provide an easy-to-use and scaled-out push engine that allows you to send notifications to any platform (iOS, Android, Windows, Kindle, Baidu, etc.) from any backend (cloud or on-premises).
This document provides information about the Azure Notification Hub connector, which facilitates automated interactions, with an Azure Notification Hub server using FortiSOAR™ playbooks. Add the Azure Notification Hub Connector as a step in FortiSOAR™ playbooks and perform automated operations such as creating a notification hub, deleting a notification hub, getting a list of notification hubs, etc.
Version information
Connector Version: 1.0.0
FortiSOAR™ Version Tested on: 7.3.1-2105
Azure Tested on: Azure Portal - Cloud
Authored By: Fortinet
Certified: Yes
You can get authentication tokens to access the Microsoft Defender For Cloud APIs using the "On behalf of the User – Delegate Permission. For more information see, Create an app to access Microsoft 365 Defender APIs on behalf of a user article.
- Ensure that the required permissions are granted for the registration of the application. Select API Permissions > Add permission > Microsoft APIs > Azure Service Management.
Note: The 'user_impersonation' API Permission should be granted to the registered application.
- The Redirect URL can be directed to any web application in which you want to receive responses from Azure AD. If you are unsure about what to set as a redirect URL, you can use https://localhost/myapp.
- Copy the following URL and replace the
TENANT_ID, CLIENT_ID, and REDIRECT_URI with your own tenant ID, client ID, and redirect URI: https://login.microsoftonline.com/TENANT_ID/oauth2/v2.0/authorize?response_type=code&scope=https://management.azure.com/user_impersonation offline_access user.read&client_id=CLIENT_ID&redirect_uri=REDIRECT_URI
- Enter the above link with the replaced values and you will be prompted to grant permissions for your Azure Service Management. You will be automatically redirected to a link with the following structure:
REDIRECT_URI?code=AUTH_CODE&session_state=SESSION_STATE
- Enter the following details in the Connector Configuration dialog in your FortiSOAR instance:
- Copy the
AUTH_CODE (without the "code=" prefix) and paste it in the 'Authorization Code' parameter.
- Copy your client ID to the 'Client ID' parameter field.
- Copy your tenant ID to the 'Tenant ID' parameter field.
- Copy your client secret to the 'Client Secret' parameter field.
- Copy your redirect URI to the 'Redirect URL' parameter field. By default, it is set to https://localhost/myapp.
Installing the connector
Use the Content Hub to install the connector. For the detailed procedure to install a connector, click here.
You can also use the following yum command as a root user to install connectors from an SSH session:
yum install cyops-connector-azure-notification-hub
Prerequisites to configuring the connector
- You must have the URL of the Azure Notification Hub server to which you will connect and perform automated operations and credentials to access that server.
- The FortiSOAR™ server should have outbound connectivity to port 443 on the Azure Notification Hub server.
Minimum Permissions Required
Configuring the connector
For the procedure to configure a connector, click here
Configuration parameters
In FortiSOAR™, on the Content Hub (or Connector Store) page, click the Manage tab, and then click the Azure Notification Hub connector card. On the connector popup, click the Configurations tab to enter the required configuration details.
| Parameter |
Description |
| Server URL |
Enter the Service-based URI to which you will connect and perform the automated operations. |
| Client ID |
Enter the unique ID of the Azure Active Directory application that is used to create an authentication token required to access the API. |
| Client Secret |
Enter the unique Client Secret of the Azure Active Directory application that is used to create an authentication token required to access the API. |
| Tenant ID |
Enter the ID of the tenant that you have been provided for your Azure Active Directory instance. |
| Authorization Code |
Enter the authorization code that you acquired during the authorization step. For more information, see the Getting Access Tokens using the On behalf of the user – Delegate Permission method section. |
| Redirect URL |
Enter the redirect_uri of your app, where authentication responses can be sent and received by your app. The redirect URL that you specify here must exactly match one of the redirect_uri's you have registered in your app registration portal |
| Verify SSL |
Specifies whether the SSL certificate for the server is to be verified or not.
By default, this option is set as True. |
Actions supported by the connector
The following automated operations can be included in playbooks and you can also use the annotations to access operations from FortiSOAR™:
| Function |
Description |
Annotation and Category |
| Create Notification Hub |
Creates a notification hub in a specific namespace based on the subscription ID, resource group name, namespace name, notification hub name, and other input parameters you have specified. |
create_notification_hub
Investigation |
| Get Notification Hubs List |
Lists the notification hubs associated with a specific namespace based on the subscription ID, resource group name, and namespace name you have specified. |
list_notification_hubs
Investigation |
| Update Notification Hub |
Updates a specific notification hub in a specific namespace based on the subscription ID, resource group name, namespace name, notification hub name, and other input parameters you have specified. |
update_notification_hub
Investigation |
| Delete Notification Hub |
Deletes a specific notification hub from a specific namespace based on the subscription ID, resource group name, namespace name, and notification hub name you have specified. |
create_notification_hub
Investigation |
operation: Create Notification Hub
Input parameters
| Parameter |
Description |
| Subscription ID |
Specify the subscription credentials which uniquely identify your Microsoft Azure subscription using which you want to create the notification hub. |
| Resource Group Name |
Specify the name of the resource group in which you want to create the notification hub. |
| Namespace Name |
Specify the name of the namespace in which you want to create the notification hub. |
| Notification Hub Name |
Specify the name of the notification hub that you want to create. |
| Location |
Specify the resource location in which you want to create the notification hub. |
| Tags |
(Optional) Specify the resource tags you want to associate with the created notification hub. |
Output
The output contains the following populated JSON schema:
{
"id": "",
"name": "",
"type": "",
"location": "",
"tags": "",
"properties": {
"registrationTtl": "",
"authorizationRules": []
}
}
operation: Get Notification Hubs List
Input parameters
| Parameter |
Description |
| Subscription ID |
Specify the subscription credentials which uniquely identify your Microsoft Azure subscription using which you want to retrieve the list of notification hubs. |
| Resource Group Name |
Specify the name of the resource group from which you want to retrieve the list of notification hubs. |
| Namespace Name |
Specify the name of the namespace from which you want to retrieve the list of notification hubs. |
Output
The output contains the following populated JSON schema:
{
"value": [
{
"id": "",
"name": "",
"type": "",
"location": "",
"tags": "",
"properties": {
"registrationTtl": "",
"authorizationRules": []
}
}
],
"nextLink": ""
}
operation: Update Notification Hub
Input parameters
| Parameter |
Description |
| Subscription ID |
Specify the subscription credentials which uniquely identify your Microsoft Azure subscription using which you want to update the specific notification hub. |
| Resource Group Name |
Specify the name of the resource group in which you want to update the specific notification hub. |
| Namespace Name |
Specify the name of the namespace in which you want to update the specific notification hub. |
| Notification Hub Name |
Specify the name of the notification hub that you want to update. |
| Location |
Specify the resource location in which you want to update the specific notification hub. |
| Tags |
(Optional) Specify the resource tags you want to update in the specific notification hub. |
Output
The output contains the following populated JSON schema:
{
"id": "",
"name": "",
"type": "",
"location": "",
"tags": "",
"properties": {
"registrationTtl": "",
"authorizationRules": []
}
}
operation: Delete Notification Hub
Input parameters
| Parameter |
Description |
| Subscription ID |
Specify the subscription credentials which uniquely identify your Microsoft Azure subscription using which you want to delete the specific notification hub. |
| Resource Group Name |
Specify the name of the resource group from which you want to delete the specific notification hub. |
| Namespace Name |
Specify the name of the namespace from which you want to delete the specific notification hub. |
| Notification Hub Name |
Specify the name of the notification hub that you want to delete. |
Output
The output contains the following populated JSON schema:
{
"message": "",
"status": ""
}
Included playbooks
The Sample - Azure Notification Hub - 1.0.0 playbook collection comes bundled with the Azure Notification Hub connector. These playbooks contain steps using which you can perform all supported actions. You can see bundled playbooks in the Automation > Playbooks section in FortiSOAR™ after importing the Azure Notification Hub connector.
- Create Notification Hub
- Delete Notification Hub
- List Notification Hubs
- Update Notification Hub
Note: If you are planning to use any of the sample playbooks in your environment, ensure that you clone those playbooks and move them to a different collection since the sample playbook collection gets deleted during the connector upgrade and delete.
