Microsoft Intune
Microsoft Intune is a management tool that offers mobile device and application management capabilities.
Note
This adapter is in addition to the Microsoft Entra ID (Azure AD) and Microsoft Intune adapter. It does not remove any capabilities from Microsoft Entra ID (Azure AD) and Microsoft Intune. It is recommended to use the Microsoft Intune adapter when you need to fetch Intune data separately from Entra.
Asset Types Fetched
- Devices, Software, SaaS Applications
Before You Begin
APIs
Axonius uses the Microsoft Graph API.
Permissions
The following permissions are required:
- DeviceManagementManagedDevices.Read.All - This is a Delegated permission on the Application level. To set this permission, refer to the instructions for setting permissions on Entra ID, Microsoft 365, and Intune.
- DeviceManagementApps.ReadWrite.All, DeviceManagementManagedDevices.ReadWrite.All - these permissions are required to successfully use the Enrich Intune Devices with Intune Devices Reportsadvanced setting.
Supported From Version
Supported from Axonius version 6.1
Connecting the Adapter in Axonius
To connect the adapter in Axonius, provide the following parameters:
Required Parameters
- Azure Client ID - The Application ID of the Axonius application.
- Azure Client Secret - Specify a non-expired key generated from the new client secret.
- Azure Tenant ID - The ID for Microsoft Entra ID.
- Cloud Environment - Select your Microsoft Azure or Microsoft Entra ID cloud environment type.
Optional Parameters
- Verify SSL - Select whether to verify the SSL certificate of the server against the CA database inside of Axonius. For more details, see SSL Trust & CA Settings.
- HTTPS Proxy - Connect the adapter to a proxy instead of directly connecting it to the domain.
- HTTPS Proxy User Name - The user name to use when connecting to the value supplied in Host Name or IP Address via the value supplied in HTTPS Proxy.
- HTTPS Proxy Password - The password to use when connecting to the server using the HTTPS Proxy.
To learn more about common adapter connection parameters and buttons, see Adding a New Adapter Connection.
Advanced Settings
Note
Advanced settings can either apply for all connections for this adapter, or you can set different advanced settings and/or different scheduling for a specific connection, refer to Advanced Configuration for Adapters.
- Enrich Intune Devices with Windows Autopilot Device Identities - Select to add the following additional information to fetched devices: Group Tag, Profile Status, Date Assigned, Enrollment State, Purchase Order, Last Contacted Date. Note that you must enable Fetch Devices from Intune Devices for this to work.
- Enrich Intune Devices with Discovered Apps - Select to enrich Devices with data of the discovered applications installed on each device.
- Enrich Intune Devices with Intune Devices Reports - Select to enrich Devices with data from Intune Devices Reports.
- When you enable this option, expand the Reports section to select Intune reports to enrich devices with.
- Fetch Software from Intune All Apps - Select to fetch all applications registered in Intune. These applications are then saved in Axonius as Software assets and their Approval Status is set to Approved. See Software Registry for more information on approved / unapproved software.
Note
For details on general advanced settings under the Adapter Configuration tab, see Adapter Advanced Settings.
Version Matrix
This adapter was only tested with the versions marked as supported, but may work with other versions. Contact Axonius Support if you have a version that is not listed, which is not functioning as expected.
| Version | Supported | Notes |
|---|---|---|
| Graph API v1.0 | Yes | -- |
Related Enforcement Actions
Updated 2 days ago