/
Source Configuration for Microsoft Intune Importer

Source Configuration for Microsoft Intune Importer

Owned by Pio
Last updated: Mar 20, 2025 by Eva Ruzheva
3 min read

Microsoft Graph Connection Configuration

 

To integrate with Microsoft Intune, an application must be registered with an Azure AD tenant. Once you register the application, you can fill in the Application ID, Directory (tenant) ID, and Application Secret values for the Azure Connection Configuration.

 

You will need help from the Azure Admin in your organization for the following configuration.

 

  1. Login to Azure Portal (portal.azure.com).

  2. Select Microsoft Entra ID.

  1. Click "Add", then choose "App registration" from the options.

  1. Enter a Name, then click "Register"

e.g. Microsoft Intune Importer for JSM Assets

  • After registration, you will need to:

  • Copy Application (Client) ID.

  • Copy Directory (Tenant) ID.

Generate an Application Secret:

  • Navigate to Add a certificates or secret.

  • Click New Client Secret → Set expiration → Copy the generated secret.

These are all required when establishing Source Connection in Microsoft Intune Importer. For Reference:

image-20250320-151352.png
image-20250320-151445.png
image-20250320-151540.png

Important: Ensure you copy the Value, not the Secret ID. The Value is required for authentication and will be hidden once you leave the page.

image-20250320-151741.png

  1. Select “API Permissions” from the menu on the left side and then “Add Permission”.

image-20250320-151935.png
image-20250320-152357.png

9. Select “Microsoft Graph” and add “DeviceManagementManagedDevices.Read.All“ for the “Application” type.

 

  1. Ensure that your Azure Admin provides consent for the required permission. The screen should display the following:

  • Permission: DeviceManagementManagedDevices.Read.All

  • Type: Application

  • Admin Consent Requested: Yes

  • Status: Granted for <your definition>

This step is crucial, as we frequently receive customer tickets related to permission errors. The most common mistake Azure Admins make is selecting "Delegated" (the default) instead of "Application" as the permission type.

  1. Fill in the required fields under Azure Connection Configuration in the Source tab of Azure AD Importer for JSM Assets. Then, click "Save & Check Connection" to confirm the configuration is successful.

image-20250228-102204.png

  1. Now configure Destination.

 

Related content