Source Configuration for Microsoft Intune
- Pio
Microsoft Graph Connection Configuration
To integrate with Microsoft Intune, an application must be registered with an Azure AD tenant. Once you register the application, you can fill in the Application ID, Directory (tenant) ID, and Application Secret values for the Azure Connection Configuration.
You will need help from the Azure Admin in your organization for the following configuration.
1- Login to Azure Portal (portal.azure.com)
2- Select Azure AD.
 |
3- Click “Add” and select “App registration”
 |
4- Add the “Name” and click the “Register” button.
i.e. Microsoft Intune Importer for JSM Assets
5- Note down “Application (client) ID” and “Directory (tenant) ID” and click “Add a certificate or a secret” on the right side.
6- Add the description “Microsoft Intune Importer for JSM Assets”, set the expiration date as you wish, and click the “Add” button below.
7- Copy the “Value” of the new client secret.
Please don’t copy the Secret ID. Copy the Value of the Secret.
8- Select the “API Permissions” menu on the left side and click “Add a permission”.
9- Select “Microsoft Graph” and add “DeviceManagementManagedDevices.Read.All“ for the “Application” type.
|
10- Make sure your Azure Admin provides consent for the permission. The screen needs to be as follows.
Permission: DeviceManagementManagedDevices.Read.All
Type: Application
Admin consent requested: Yes
Status: Granted for <your definition>
Just wanted to highlight that this step is important and we receive tickets from our customers regarding permission errors. Most common mistake done by Azure Admins is defining the type as “Delegated” which is the default, instead of “Application”.
11- Fill in the appropriate fields of Connection Settings in the Configuration tab of Microsoft Intune Importer for JSM Assets. Click “Save & Check Connection” to verify the configuration is successful.
12- Now configure the Destination.