Microsoft Intune integration
Introduced in 2022.1
Updated in 2023.1
Integration with Microsoft Intune is a pre-built workflow package that keeps your CMDB in sync with devices you manage in Microsoft Intune. It regularly imports data about your organization's computers, laptops, and mobile phones from Microsoft Intunes and creates or updates Computer and
What does Microsoft Intune integration include?
Integration with Microsoft Intune includes these workflow items:
-
Workflow parameters for quick customization
-
Workflow scheduled task "Microsoft Intune Integration" #2907 that regularly imports computers and mobile phones from Microsoft Intune to Alloy Navigator
-
Other workflow items and components that make that scheduled task work
To enable the Microsoft Intune integration, you must first configure it as described below.
Configure Microsoft Intune integration
To start using the integration, you must specify its workflow configuration. Here is what you will need. All these data are available in your organization's Microsoft Azure portal.
-
Tenant ID - the globally unique identifier (GUID) that identifies your organization in Microsoft
-
Register a Microsoft Graph application in your tenant and grant the registered application this API application permission:
DeviceManagementManagedDevices.Read.All.INFO: For instructions, see Register a Microsoft Graph application.
Obtain these credentials:
-
Client ID - the Application (client) ID that uniquely identifies your registered Microsoft Graph application. It appears on the overview page when you register the application.
-
Client Secret - the client secret for your Microsoft Graph application to prove its identity when requesting a token. To create a client secret, under Manage, select Certificates & secrets and follow on-screen instructions.
-
To configure integration with Microsoft Intune:
-
In Alloy Navigator's web Admin Center or desktop Settings App , go to Workflow and Business Logic > Workflow Configuration > Integrations > Microsoft Intune.
-
Provide your credentials from Microsoft Azure portal: Tenant ID, Client ID, and Client Secret. For details, see the section above these steps.
-
Specify other details, including the types of devices you want to import, the policy on handing unknown device types, and others.
To learn about every configuration parameter, see its description.
-
Click Save to apply your changes.
Test your Microsoft Intune integration
We recommend that you first turn the Safe Mode on and test the integration in the safe mode, without creating any records. You will need your Admin Center or Settings App for this.
NOTE: Make sure that the Automation Server is running. In the Settings App, you can do this by checking the status of the Automation Server icon 
in the App status bar.
-
Under Workflow and Business Logic > Workflow Configuration > Integrations > Microsoft Intune, turn the Safe Mode on.
TIP: You may want to use the Safe Mode in conjunction with the Debug Logging Status when issues arise. Logs are available under Services > Scheduled Tasks > Logs in Settings or Admin Center. The task name is Microsoft Intune Integration.
-
Go to Services > Scheduled Tasks, select the Microsoft Intune Integration task, and click Run on the Module menu.
If the Run command is unavailable, make sure that the integration is enabled, Microsoft credentials are provided, and the Automation Server is set-up and running. You may need click Refresh to refresh the information.
-
To verify whether the task would run as expected, double-click the task, go to the Sessions tab, and review the entry at the top. You can also view the log under Services > Scheduled Tasks > Logs.
Automate your Microsoft Intune integration
If everything works as expected, you can automate and schedule your Microsoft Intune integration. To do so, just enable the scheduled task. You may want to customize the default schedule before.