Microsoft Intune
  • 27 Feb 2025
  • 3 Minutes to read
  • Dark
    Light

Microsoft Intune

  • Dark
    Light

Article summary

Microsoft Intune is a cloud-based endpoint management solution. Intune simplifies app and device management across your device portfolio, including mobile devices, desktop computers, and virtual endpoints. For detailed information, refer to the Microsoft’s official documentation.

Integration Method: API

Tables: Account Change (3001), Entity Management (3004), Group Management (3006), Device Inventory Info (5001), User Inventory Info (5003)

This integration supports the following events.

Event

Description

Devices

List properties and relationships of the managedDevice objects.

Audits

Get the list of audit logs generated by Microsoft Entra ID.

This integration supports the following versions.

Microsoft Graph API version

v1.0

Note:

Intune doesn’t follow a traditional versioning system. Instead, it is a continuously updated cloud service. As of this document preparation, latest release was on February 17, 2025.

Prerequisites

  • The user should have access to the Azure portal with an account that has the Global Administrator privilege. 

  • The user should have access to the DataBee console.

Configuration Overview

  1. Create an application with required permissions to fetch the data.

  2. Create Microsoft Intune Data Feed in the DataBee console with the required Client credentials.

DataBee Parameter

Azure Parameter

Client Key

Application (client) ID

Client Secret

Client Secret Value

Token URL(<application_id>)

Directory (Tenant) ID

Azure Configuration

Create an application

  1. Log on to Azure portal with an account that has the Global Administrator privilege.  

  2. In the search bar, search for App registrations and select it.
     

  3. On the “App registrations” page, select New registration, theRegister an application” window will appear.
     

  4. On the “Register an application” window:

    1. Under ‘Name’ enter your Application Name then click on Register to create the application.
       

  5. On the app Overview page, copy the Application (client) ID and Directory (tenant) ID for later use.
      

Add Endpoint Access  

Once the application is created, three permissions should be provided in order to fetch data. The appropriate permissions for the application are needed to access these endpoints. The following section details how to configure and add permissions to the required endpoints.  

Add Permissions  

From the Azure Active Directory portal:  

  1. Select the application registered in the previous step.

  2. Under Manage, click API permissions and then click Add a permission, the “Request API permissions” window will appear. 
     

  3. On “Request API permissions” window, Click on Microsoft APIs then on Microsoft Graph.
     

  4. Click on Application permissions.
     Inserting image...

  5. The following permissions need to be granted for the endpoint to function properly:  

    Event

    Type

     Permission

    Devices

    Application

    DeviceManagementManagedDevices.Read.All

    Audits

    Application

    AuditLog.Read.All

    Audits  

    Application

    Directory.Read.All

  6. In the Select permissions search bar, enter the permission shown above, and check the box to include them.
     

  7. Click the Add permissions button after selecting all required permissions. 
     Inserting image...

  8. On the API permissions page, click Grant Admin Consent for <tenant>
     

  9. Click the Yes button on the consent confirmation.
     

  10. The required permissions are now added for the endpoints. 
     

Create the Client Secret

The final step is creating a Client Secret. From the Azure Portal:  

  1. Select the application created above.

  2. Under Manage, Click Certificates & secrets, and then Client secrets
     

  3. Click New client secret. Then “Add a client secret” window appears. 
     

  4. In the “Add a client secret” window:

    1. Enter a ‘Description’ for this client secret and select the desired expiry period from the ‘Expires’ drop-list.

    2. Click on Add to create the client secret.
       

      Note:

      The user needs to re-create the client secret when it expires.

  5. Copy the Value field for later use.
     

DataBee Configuration

  1. Login to the DataBee UI, navigate to Data > Data Feeds and click the Add New Data Feed button.
     

  2. Search for the Microsoft Intune and click it as shown below. 

  3. Click on the API Ingest option for collection method.
     

  4. Enter feed contact information and click Next.
     

  5. In the configuration page, enter the following:

    • API Base URL: This is the base URL that DataBee will interact with.

    • Authorization Method: OAuth2

    • Client Key: Paste the Application(Client)ID generated earlier in the Azure portal.

    • Client Secret: Paste the Secret Value generated earlier in the Azure portal.

    • Token URL: Replace <application_id> with your Directory (Tenant) ID.

    • Event Types: Preselected for all the event types the integration supports.

  6. Click Submit.
     

Troubleshooting Tips

  • If you are facing an invalid client or unauthorized client error this might be possibly due to incorrect credentials. Ensure the client key, client secret and Tenant ID are pasted correctly. Since you cannot view the client secret after the 1st time, re-create it, paste it on a text editor to ensure no spaces or unexpected characters are included and reconfigure the DataBee feed.

  • If you are facing a 403-response code this might be possibly due to missing permission. Ensure that all the required permissions are granted correctly as per the above-mentioned steps.


Was this article helpful?

Changing your password will log you out immediately. Use the new password to log back in.
First name must have atleast 2 characters. Numbers and special characters are not allowed.
Last name must have atleast 1 characters. Numbers and special characters are not allowed.
Enter a valid email
Enter a valid password
Your profile has been successfully updated.
ESC

Eddy AI, facilitating knowledge discovery through conversational intelligence