Microsoft Intune

Microsoft Intune is a management tool that offers mobile device and application management capabilities.

📘

Note

This adapter is in addition to the Microsoft Entra ID (Azure AD) and Microsoft Intune adapter. It does not remove any capabilities from Microsoft Entra ID (Azure AD) and Microsoft Intune. It is recommended to use the Microsoft Intune adapter when you need to fetch Intune data separately from Entra.

Asset Types Fetched

Devices | Software | SaaS Applications

Before You Begin

APIs

Axonius uses the Microsoft Graph API.

Permissions

General Application Permissions

• DeviceManagementManagedDevices.Read.All - Required to fetch Intune Devices. To set this permission, refer to instructions for setting permissions on Entra ID, Microsoft 365, and Intune.
• DeviceManagementServiceConfiguration.Read.All

Permissions for Advanced Settings

See Advanced Settings for the full list.

Supported From Version

Supported from Axonius version 6.1

Connecting the Adapter in Axonius

To connect the adapter in Axonius, provide the following parameters:

Required Parameters

1. Azure Client ID - The Application ID of the Axonius application.
2. Azure Client Secret - Specify a non-expired key generated from the new client secret.
3. Azure Tenant ID - The ID for Microsoft Entra ID.
4. Cloud Environment - Select your Microsoft Azure or Microsoft Entra ID cloud environment type.

Optional Parameters

1. Verify SSL - Select whether to verify the SSL certificate of the server against the CA database inside of Axonius. For more details, see SSL Trust & CA Settings.
2. HTTPS Proxy - Connect the adapter to a proxy instead of directly connecting it to the domain.
3. HTTPS Proxy User Name - The user name to use when connecting to the value supplied in Host Name or IP Address via the value supplied in HTTPS Proxy.
4. HTTPS Proxy Password - The password to use when connecting to the server using the HTTPS Proxy.

To learn more about common adapter connection parameters and buttons, see Adding a New Adapter Connection.

Advanced Settings

📘

Note

Advanced settings can either apply for all connections for this adapter, or you can set different advanced settings and/or different scheduling for a specific connection, refer to ​Advanced Configuration for Adapters.

Endpoint Config

This section lists different data types to enrich Devices with. Enable Fetch Devices from Intune Devices to be able to select the enrichment data you're interested in.

The following table lists the Application permissions required to use each setting.

Additional Advanced Settings

• Fetch Software from Intune All Apps - Select to fetch all applications registered in Intune. These applications are then saved in Axonius as Software assets and their Approval Status is set to Approved. See Software Registry for more information on approved / unapproved software.

📘

Note

For details on general advanced settings under the Adapter Configuration tab, see Adapter Advanced Settings.

Version Matrix

This adapter was only tested with the versions marked as supported, but may work with other versions. Contact Axonius Support if you have a version that is not listed, which is not functioning as expected.

Related Enforcement Actions

• Microsoft Intune - Update Device
• Microsoft Intune - Delete Managed Device
• Microsoft Intune - Delete Autopilot Device