Microsoft Intune Component
Use the Microsoft Intune component to manage users, devices, and applications.
Component key: ms-intune · · Changelog ↓Description
Microsoft Intune is a cloud-based service that focuses on device management and application management. This component allows you to manage users, devices, groups, mobile applications, and device compliance policies within Microsoft Intune.
API Documentation
This component was built using the Microsoft Graph REST API v1.0.
Connections
OAuth 2.0
key: msIntuneOAuth2To connect to Microsoft Intune using OAuth 2.0, create an app registration in Microsoft Entra.
Prerequisites
- A Microsoft account with administrative access to Microsoft Entra (formerly Azure AD)
Setup Steps
- Navigate to the Microsoft Entra admin center and go to Identity > Applications > App registrations, then select New registration.
- Configure the app registration:
- Set Supported account types to Accounts in any organizational directory (Any Azure AD directory - Multitenant) to allow users from different organizations to authenticate.
- Under Redirect URI, select Web as the platform and enter:
https://oauth2.prismatic.io/callback - Select Register to complete the initial setup.
- Navigate to Certificates & Secrets and create a new Client Secret. Copy the Value immediately (it will not be shown again).
- Navigate to the Overview page and copy the Application (client) ID.
- Navigate to API Permissions and select Add a permission:
- Select Microsoft Graph
- Select Delegated permissions
- Under DeviceManagementManagedDevices, add the required permissions such as DeviceManagementManagedDevices.PrivilegedOperations.All and DeviceManagementManagedDevices.Read.All
- Add any additional permissions required by the integration
For more information on available permissions, refer to the Microsoft Graph permissions reference.
Configure the Connection
- Enter the Application (client) ID as the Client ID
- Enter the Client Secret value copied earlier
- Use the default Authorize URL:
https://login.microsoftonline.com/common/oauth2/v2.0/authorize - For Token URL, replace common with the Tenant ID when authenticating to a specific tenant:
- Default:
https://login.microsoftonline.com/common/oauth2/v2.0/token - With Tenant ID:
https://login.microsoftonline.com/abf988bf-86f1-41af-91ab-2d7cd011db46/oauth2/v2.0/token
- Default:
Some actions require tenant-specific authentication. Replace the common portion of the Token URL with the specific Tenant ID when connecting to a particular organization.
| Input | Notes | Example |
|---|---|---|
| Authorize URL | The OAuth 2.0 Authorization URL for Microsoft Intune. For multi-tenant apps, use /common. For single-tenant apps, replace /common with your tenant ID. | https://login.microsoftonline.com/common/oauth2/v2.0/authorize |
| Client ID | Application (client) ID from your App Registration in the Azure Portal. Navigate to Azure Active Directory > App registrations > [Your App] to find this value. Learn more | 12345678-1234-1234-1234-123456789abc |
| Client Secret | Client secret value from your App Registration in the Azure Portal. Navigate to Azure Active Directory > App registrations > [Your App] > Certificates & secrets to generate a new secret. Learn more | |
| Scopes | Space-separated list of Microsoft Graph API permission scopes. Common scopes include DeviceManagementManagedDevices, DeviceManagementApps, Directory, Group, User permissions. Learn more | DeviceManagementManagedDevices.PrivilegedOperations.All DeviceManagementApps.ReadWrite.All DeviceManagementManagedDevices.ReadWrite.All Group.ReadWrite.All Domain.ReadWrite.All User.ReadWrite.All Directory.ReadWrite.All AuditLog.Read.All DeviceManagementConfiguration.ReadWrite.All offline_access |
| Token URL | The OAuth 2.0 Token URL for Microsoft Intune. For multi-tenant apps, use /common. For single-tenant apps, replace /common with your tenant ID. | https://login.microsoftonline.com/common/oauth2/v2.0/token |
OAuth 2.0 Client Credentials
key: oauth2-client-credentialsTo connect to Microsoft Intune using the OAuth 2.0 Client Credentials flow, create an app registration in Microsoft Entra. The client credentials flow is used for server-to-server authentication where the application acts on its own behalf rather than on behalf of a specific user.
Prerequisites
- A Microsoft account with administrative access to Microsoft Entra (formerly Azure AD)
- Admin consent privileges to grant application-level permissions
Setup Steps
- Navigate to the Microsoft Entra admin center and go to Identity > Applications > App registrations, then select New registration.
- Configure the app registration:
- Set Supported account types to Accounts in any organizational directory (Any Azure AD directory - Multitenant) to allow authentication across different organizations.
- Under Redirect URI, select Web as the platform and enter:
https://oauth2.prismatic.io/callback - Select Register to complete the initial setup.
- Navigate to Certificates & Secrets and create a new Client Secret. Copy the Value immediately (it will not be shown again).
- Navigate to the Overview page and copy the Application (client) ID.
- Navigate to API Permissions and select Add a permission:
- Select Microsoft Graph
- Select Application permissions
- Add all permissions required for the intended use case
- After adding all required permissions, select Grant admin consent to authorize the application to use these permissions. This step is required for the client credentials flow to function properly.
For more information on application vs delegated permissions, refer to the Microsoft Graph permissions reference.
Configure the Connection
- Enter the Application (client) ID as the Client ID
- Enter the Client Secret value copied earlier
- Use the default Authorize URL:
https://login.microsoftonline.com/common/oauth2/v2.0/authorize - For Token URL, replace common with the specific Tenant ID (required for client credentials flow):
- Default format:
https://login.microsoftonline.com/common/oauth2/v2.0/token - With Tenant ID:
https://login.microsoftonline.com/abf988bf-86f1-41af-91ab-2d7cd011db46/oauth2/v2.0/token
- Default format:
- Use the default scope:
https://graph.microsoft.com/.default
The client credentials flow requires a tenant-specific Token URL. Replace common with the actual Tenant ID for all actions using this connection type.
| Input | Notes | Example |
|---|---|---|
| Client ID | Application (client) ID from your App Registration in the Azure Portal. Navigate to Azure Active Directory > App registrations > [Your App] to find this value. Learn more | 12345678-1234-1234-1234-123456789abc |
| Client Secret | Client secret value from your App Registration in the Azure Portal. Navigate to Azure Active Directory > App registrations > [Your App] > Certificates & secrets to generate a new secret. Learn more | |
| Scopes | The scope for Microsoft Graph API access. For client credentials flow, use https://graph.microsoft.com/.default to request all permissions configured in your app registration. Learn more | https://graph.microsoft.com/.default |
| Token URL | The OAuth 2.0 Token URL for Microsoft Intune. <strong>Important:</strong> Replace <YOUR_TENANT_ID> with your Azure AD tenant ID. Find your tenant ID in Azure Portal > Azure Active Directory > Overview. | https://login.microsoftonline.com/**<YOUR_TENANT_ID>**/oauth2/v2.0/token |
Triggers
Resource Trigger
Get notified to this flow when the specified resource changes. | key: resourceTrigger
| Input | Notes | Example |
|---|---|---|
| Change Type | The type of change that will trigger notifications. Select one or more change types to monitor. | |
| Connection | The Microsoft Intune connection to use. | |
| Expiration Date Time | The date and time when the webhook subscription expires in UTC format (ISO 8601). The maximum duration varies by resource type. Learn more | 2025-12-31T23:59:59.0000000Z |
| Resource | The Microsoft Graph resource path to monitor for changes (e.g., users, groups, devices/managedDevices). Learn more | users |
The Resource Trigger monitors Microsoft Intune resources for changes using Microsoft Graph change notifications. When a monitored resource is created, updated, or deleted, Microsoft Graph sends a notification to this trigger.
Automatic Subscription Management
This trigger uses lifecycle webhook handlers to automatically manage Microsoft Graph subscriptions:
- On Deploy: When the integration is deployed, subscriptions are automatically created for the selected resource and change types
- On Delete: When the instance is deleted, all subscriptions associated with the webhook URL are automatically removed
Branches
This trigger uses two branches to handle different types of incoming requests:
| Branch | Description |
|---|---|
| Notification | Receives actual change notifications when the monitored resource changes |
| URL Validation | Handles Microsoft Graph validation requests when subscriptions are created |
When a subscription is created, Microsoft Graph sends a validation request containing a validationToken query parameter. The trigger automatically responds with the validation token to complete the subscription setup.
Configuration
| Input | Description |
|---|---|
| Resource | The Microsoft Graph resource to monitor (e.g., users, groups, devices) |
| Change Type | The types of changes to monitor. Multiple selections allowed: created, updated, deleted |
| Expiration Date Time | Optional. When the subscription expires. Defaults to 29 days for users and groups |
Supported Resources
Common resources that can be monitored include:
users- User accountsgroups- Security and Microsoft 365 groupsdevices- Managed devicesapplications- Registered applicationsdeviceManagement/managedDevices- Intune managed devices
For a complete list of supported resources, refer to the Microsoft Graph change notifications documentation.
Example Notification Payload
When a monitored resource changes, Microsoft Graph sends a notification in this format:
{
"value": [
{
"changeType": "updated",
"clientState": null,
"resource": "Users/87d349ed-44d7-43e1-9a83-5f2406dee5bd",
"resourceData": {
"@odata.type": "#Microsoft.Graph.User",
"@odata.id": "Users/87d349ed-44d7-43e1-9a83-5f2406dee5bd",
"id": "87d349ed-44d7-43e1-9a83-5f2406dee5bd"
},
"subscriptionId": "7f105c7d-2dc5-4530-97cd-4e7ae6534c07",
"subscriptionExpirationDateTime": "2025-01-15T18:23:45.9356913Z",
"tenantId": "84bd8158-6d4d-4958-8b9f-9d6445542f55"
}
]
}
Data Sources
Select Compliance Policy Setting Summary
Select a device compliance policy setting state summary from the list of summaries. | key: selectDeviceCompliancePolicySettingStateSummary | type: picklist
| Input | Notes | Example |
|---|---|---|
| Connection | The Microsoft Intune connection to use. |
Example Payload for Select Compliance Policy Setting Summary⤓
Select Detected App
Select a detected app from the list of detected apps | key: selectDetectedApp | type: picklist
| Input | Notes | Example |
|---|---|---|
| Connection | The Microsoft Intune connection to use. |
Example Payload for Select Detected App⤓
Select Device Compliance Policy
Select a device compliance policy from the list of compliance policies. | key: selectDeviceCompliancePolicy | type: picklist
| Input | Notes | Example |
|---|---|---|
| Connection | The Microsoft Intune connection to use. |
Example Payload for Select Device Compliance Policy⤓
Select Device Configuration
Select a device configuration from the list of device configurations. | key: selectDeviceConfiguration | type: picklist
| Input | Notes | Example |
|---|---|---|
| Connection | The Microsoft Intune connection to use. |
Example Payload for Select Device Configuration⤓
Select Directory Audit
Select a directory audit entry from the list of directory audits. | key: selectDirectoryAudit | type: picklist
| Input | Notes | Example |
|---|---|---|
| Connection | The Microsoft Intune connection to use. |
Example Payload for Select Directory Audit⤓
Select Group
Select a group app from the list of groups | key: selectGroup | type: picklist
| Input | Notes | Example |
|---|---|---|
| Connection | The Microsoft Intune connection to use. |
Example Payload for Select Group⤓
Select Group Member
Select a member of a security or Microsoft 365 group. | key: selectMember | type: picklist
| Input | Notes | Example |
|---|---|---|
| Connection | The Microsoft Intune connection to use. | |
| Group Id | The unique identifier of a MS365 or Security group. | a1b2c3d4-e5f6-7890-abcd-ef1234567890 |
Select Managed Device
Select a managed device from the list of managed devices | key: selectManagedDevice | type: picklist
| Input | Notes | Example |
|---|---|---|
| Connection | The Microsoft Intune connection to use. |
Example Payload for Select Managed Device⤓
Select Mobile App
Select a mobile app from the list of mobile apps | key: selectMobileApp | type: picklist
| Input | Notes | Example |
|---|---|---|
| Connection | The Microsoft Intune connection to use. |
Example Payload for Select Mobile App⤓
Select Mobile App Assignment
Select a mobile app assignment from the list of mobile apps assignments | key: selectMobileAppAssignment | type: picklist
| Input | Notes | Example |
|---|---|---|
| Connection | The Microsoft Intune connection to use. | |
| Mobile App Id | Unique identifier for the mobile app (UUID format). | a1b2c3d4-e5f6-7890-abcd-ef1234567890 |
Example Payload for Select Mobile App Assignment⤓
Select Subscription
Select a subscription from the list of subscriptions. | key: selectSubscription | type: picklist
| Input | Notes | Example |
|---|---|---|
| Connection | The Microsoft Intune connection to use. |
Example Payload for Select Subscription⤓
Select User
Select a user from the list of users in your directory. | key: selectUser | type: picklist
| Input | Notes | Example |
|---|---|---|
| Connection | The Microsoft Intune connection to use. |
Example Payload for Select User⤓
Actions
Add Group Member
Add a single member to a security or Microsoft 365 group. | key: addMemberToGroup
| Input | Notes | Example |
|---|---|---|
| Connection | The Microsoft Intune connection to use. | |
| Group Id | The unique identifier of a MS365 or Security group. | a1b2c3d4-e5f6-7890-abcd-ef1234567890 |
| Member Id | The unique identifier of a member (UUID format). | a1b2c3d4-e5f6-7890-abcd-ef1234567890 |
Example Payload for Add Group Member⤓
Add Group Members
Add members to a security or Microsoft 365 group. | key: addMembersToGroup
| Input | Notes | Example |
|---|---|---|
| Connection | The Microsoft Intune connection to use. | |
| Group Id | The unique identifier of a MS365 or Security group. | a1b2c3d4-e5f6-7890-abcd-ef1234567890 |
| Dynamic Member Ids | Array of member unique identifiers (UUIDs). You must fill either this input or the member IDs input. | |
| Member Ids | Comma-separated list of member unique identifiers (UUIDs). You must fill either this input or the Dynamic member IDs input. | a1b2c3d4-e5f6-7890-abcd-ef1234567890,b2c3d4e5-f678-9012-3456-789012345678 |
Example Payload for Add Group Members⤓
Assign Device Compliance Policy
Assign a device compliance policy by ID. | key: assignDeviceCompliancePolicy
| Input | Notes | Example |
|---|---|---|
| Assign Id | The unique identifier for the policy assignment. | 705c034c-034c-705c-4c03-5c704c035c70 |
| Collection Id | The unique identifier for the Configuration Manager target collection. | 705c034c-034c-705c-4c03-5c704c035c70 |
| Connection | The Microsoft Intune connection to use. | |
| Device Compliance Policy Id | Unique Identifier for the device to assign the compliance policy. | 705c034c-034c-705c-4c03-5c704c035c70 |
| Target | The device compliance policy assignment target type (e.g., configurationManagerCollectionAssignmentTarget, groupAssignmentTarget). | microsoft.graph.configurationManagerCollectionAssignmentTarget |
Example Payload for Assign Device Compliance Policy⤓
Assign Mobile App
Assign a mobile app to a group. | key: assignMobileApp
| Input | Notes | Example |
|---|---|---|
| Connection | The Microsoft Intune connection to use. | |
| Group Id | The unique identifier of the group to assign the app to (UUID format). | a1b2c3d4-e5f6-7890-abcd-ef1234567890 |
| Intent | The intent of the assignment for the managed app. A 'Required' option will force the app to be installed on the device. An 'Available' option will make the app available for the user to install. An 'Uninstall' option will remove the app from the device. An 'Available Without Enrollment' option will make the app available for the user to install without enrolling the device. | available |
| Mobile App Id | Unique Identifier for the mobile app to assign. | a1b2c3d4-e5f6-7890-abcd-ef1234567890 |
| Settings | The mobile app assignment settings type. The value depends on the app platform (e.g., windowsUniversalAppXAppAssignmentSettings, iosLobAppAssignmentSettings). | microsoft.graph.windowsUniversalAppXAppAssignmentSettings |
| Target | The mobile app assignment target type. Common values include allLicensedUsersAssignmentTarget, groupAssignmentTarget, allDevicesAssignmentTarget. | microsoft.graph.allLicensedUsersAssignmentTarget |
Example Payload for Assign Mobile App⤓
Create Group
Create a group. | key: createGroup
| Input | Notes | Example |
|---|---|---|
| Assigned Labels | The list of sensitivity label pairs (label ID, label name) associated with a group | |
| Body Fields | Additional JSON properties to include in the request body. These will be merged with other input values. | |
| Connection | The Microsoft Intune connection to use. | |
| Description | A description for the group. | Self help community for library |
| Display Name | The name to display in the address book for the group. | Library Assist |
| Mail Enabled | When true, creates a mail-enabled group that can receive email messages. | false |
| Mail Nickname | The mail alias for the group, unique for Microsoft 365 groups in the organization. | library |
| Security Enabled | When true, creates a security group. Security groups are used to control access to resources. | false |
| Visibility | Specifies the visibility of the group. Possible values are Private, Public, or Hiddenmembership. | Public |
Example Payload for Create Group⤓
Create Managed App
Create a new App object. | key: createManagedApp
| Input | Notes | Example |
|---|---|---|
| Connection | The Microsoft Intune connection to use. | |
| Description | A description of the app that helps users understand what it is and what they can do with it. This description will be visible in Company Portal. | This is an Office Suite app. |
| Developer | The name of the company or individual that developed the app. This information will be visible in the admin center. | Microsoft |
| Display Name | The name for the app. This name will be visible in the Intune apps list and to users in the Company Portal. | Office Suite App |
| Information URL | A link to a website or documentation with more information about the app. This URL will be visible to users in Company Portal. | https://example.com/info |
| Is Featured | When true, displays this as a featured app in the Company Portal. Featured apps are prominently placed so users can quickly access them. | false |
| Icon Image Type | The MIME type of the app icon image (e.g., image/png, image/jpeg). This field is required if the Icon Image Data is provided. | image/png |
| Icon Image Data | The base64-encoded image data for the app icon. This field is required if the Icon Image Type is provided. | dmFsdWU= |
| Notes | Additional notes about the app for documentation purposes. Notes will be visible in the admin center. | This app is used by the sales team. |
| OData App Type | The OData type of the app to create (e.g., #microsoft.graph.officeSuiteApp, #microsoft.graph.win32LobApp). This depends on the platform of the app. Learn more | #microsoft.graph.officeSuiteApp |
| Owner | The name of the person in your organization who manages licensing or is the point-of-contact for this app. This name will be visible in the admin center. | John Doe |
| Privacy Information URL | A link to the app's privacy policy and terms. This URL will be visible to users in Company Portal. | https://example.com/privacy |
| Publisher | The name of the developer or company that distributes the app. This information will be visible to users in Company Portal. | Microsoft |
| Specific Platform Properties | The specific properties for the app to be created, generic properties like '@odata.type', 'displayName', 'description', etc. are alredy covered by the other inputs. This input should be a JSON object with the specific properties for the app to be created. Check the Microsoft Graph API documentation for the correct properties for the app type you are creating. Documentation for an Office Suite app can be found here https://learn.microsoft.com/en-us/graph/api/intune-apps-officesuiteapp-create?view=graph-rest-beta |
Example Payload for Create Managed App⤓
Create Mobile App Assignment
Create a mobile app assignment. | key: createMobileAppAssignment
| Input | Notes | Example |
|---|---|---|
| Connection | The Microsoft Intune connection to use. | |
| Intent | The intent of the assignment for the managed app. A 'Required' option will force the app to be installed on the device. An 'Available' option will make the app available for the user to install. An 'Uninstall' option will remove the app from the device. An 'Available Without Enrollment' option will make the app available for the user to install without enrolling the device. | available |
| Mobile App Id | The ID of the mobile app to create the assignment for. | a1b2c3d4-e5f6-7890-abcd-ef1234567890 |
| Settings | The mobile app assignment settings type. The value depends on the app platform (e.g., windowsUniversalAppXAppAssignmentSettings, iosLobAppAssignmentSettings). | microsoft.graph.windowsUniversalAppXAppAssignmentSettings |
| Target | The mobile app assignment target type. Common values include allLicensedUsersAssignmentTarget, groupAssignmentTarget, allDevicesAssignmentTarget. | microsoft.graph.allLicensedUsersAssignmentTarget |
Example Payload for Create Mobile App Assignment⤓
Create Subscription
Create a subscription. | key: createSubscription
| Input | Notes | Example |
|---|---|---|
| Body Fields | Additional JSON properties to include in the request body. These will be merged with other input values. | |
| Change Type | The type of change that will trigger notifications. Select one or more change types to monitor. | |
| Connection | The Microsoft Intune connection to use. | |
| Expiration Date Time | The date and time when the webhook subscription expires in UTC format (ISO 8601). The maximum duration varies by resource type. Learn more | 2025-12-31T23:59:59.0000000Z |
| Lifecycle Notification URL | The URL endpoint that receives lifecycle notifications (subscriptionRemoved, reauthorizationRequired, missed notifications). Required for Teams resources if the expirationDateTime value is more than 1 hour from now. | https://example.com/lifecycle |
| Notification URL | The URL endpoint that will receive webhook notifications when changes occur. | https://example.com/webhook |
| Resource | The Microsoft Graph resource path to monitor for changes (e.g., users, groups, devices/managedDevices). Learn more | users |
Example Payload for Create Subscription⤓
Create User
Create a new user. | key: createUser
| Input | Notes | Example |
|---|---|---|
| Account Enabled | When true, enables the user account. When false, the account is disabled and the user cannot sign in. | true |
| Additional Properties | Additional properties that are not covered by the other inputs. This should be a JSON object and will be merged with the other inputs. You can get additional properties from the Microsoft Graph API documentation https://learn.microsoft.com/en-us/graph/api/resources/user?view=graph-rest-1.0#json-representation | |
| Connection | The Microsoft Intune connection to use. | |
| Display Name | The display name of the user. | John Doe |
| Domain | The domain for the user. This must be an existing verified domain in your tenant. Use the 'List Domains' action to retrieve available domains. | contoso.onmicrosoft.com |
| Force Change Password Next Sign In | When true, forces the user to change their password on next sign in. | true |
| Password | The password for the user account. Must meet your organization's password complexity requirements. | |
| User Principal Name | The user principal name (username) for the user. This will be combined with the domain to create the full user principal name (e.g., john.doe@contoso.com). | john.doe |
Example Payload for Create User⤓
Delete Group
Delete a single group. | key: deleteGroup
| Input | Notes | Example |
|---|---|---|
| Connection | The Microsoft Intune connection to use. | |
| Group Id | The ID of the group delete. | a1b2c3d4-e5f6-7890-abcd-ef1234567890 |
Example Payload for Delete Group⤓
Delete Group Member
Delete a member from a security or Microsoft 365 group. | key: deleteMemberFromGroup
| Input | Notes | Example |
|---|---|---|
| Connection | The Microsoft Intune connection to use. | |
| Group Id | The unique identifier of the group to assign the app to (UUID format). | a1b2c3d4-e5f6-7890-abcd-ef1234567890 |
| Member Id | The unique identifier of a member (UUID format). | a1b2c3d4-e5f6-7890-abcd-ef1234567890 |
Example Payload for Delete Group Member⤓
Delete Managed App
Deletes an App. | key: deleteManagedApp
| Input | Notes | Example |
|---|---|---|
| Connection | The Microsoft Intune connection to use. | |
| Mobile App ID | The ID of the app to delete. | e0741df2-bae3-4649-9599-c47026da1234 |
Example Payload for Delete Managed App⤓
Delete Managed Device
Deletes a Managed Device. | key: deleteManagedDevice
| Input | Notes | Example |
|---|---|---|
| Connection | The Microsoft Intune connection to use. | |
| Managed Device Id | Unique Identifier for the device to delete. | 705c034c-034c-705c-4c03-5c704c035c70 |
Example Payload for Delete Managed Device⤓
Delete Mobile App Assignment
Delete a single mobile app assignment. | key: deleteMobileAppAssignment
| Input | Notes | Example |
|---|---|---|
| Connection | The Microsoft Intune connection to use. | |
| Mobile App Assignment Id | The ID of the mobile app assignment to delete. | 0177548a-548a-0177-8a54-77018a547701 |
| Mobile App Id | The ID of the mobile app to delete the assignment from. | a1b2c3d4-e5f6-7890-abcd-ef1234567890 |
Example Payload for Delete Mobile App Assignment⤓
Delete Subscription by Id
Delete a single subscription by its ID. | key: deleteSubscription
| Input | Notes | Example |
|---|---|---|
| Connection | The Microsoft Intune connection to use. | |
| Subscription ID | The ID of the subscription to delete. | a1b2c3d4-e5f6-7890-abcd-ef1234567890 |
Example Payload for Delete Subscription by Id⤓
Delete Subscriptions from an Endpoint
Delete all subscriptions from an endpoint. | key: deleteAllSubscription
| Input | Notes | Example |
|---|---|---|
| Connection | The Microsoft Intune connection to use. | |
| Notification URL | The URL from which to delete all subscriptions. | https://example.com/webhook |
Example Payload for Delete Subscriptions from an Endpoint⤓
Delete User
Deletes a User. | key: deleteUser
| Input | Notes | Example |
|---|---|---|
| Connection | The Microsoft Intune connection to use. | |
| User Id | Unique Identifier for the user to delete. This can be the user's id or userPrincipalName. | d36894ae-94ae-d368-ae94-68d3ae9468d3 |
Example Payload for Delete User⤓
Get Detected App
Read properties and relationships of the Detected Apps object. | key: getDetectedApp
| Input | Notes | Example |
|---|---|---|
| Connection | The Microsoft Intune connection to use. | |
| Detected App Id | Unique Identifier for the detected app to retrieve. | caf60db6-0db6-caf6-b60d-f6cab60df6ca |
Example Payload for Get Detected App⤓
Get Device Compliance Policy
Get a device compliance policy by ID. | key: getDeviceCompliancePolicy
| Input | Notes | Example |
|---|---|---|
| Connection | The Microsoft Intune connection to use. | |
| Device Compliance Policy Id | Unique Identifier for the device compliance policy to retrieve. | 705c034c-034c-705c-4c03-5c704c035c70 |
Example Payload for Get Device Compliance Policy⤓
Get Device Compliance Policy Setting State Summary
Retrieve a device compliance policy setting state summary by its ID. | key: getDeviceCompliancePolicySettingStateSummary
| Input | Notes | Example |
|---|---|---|
| Connection | The Microsoft Intune connection to use. | |
| Device Compliance Policy Setting State Summary Id | Unique Identifier for the device compliance policy setting state summary to retrieve. | 705c034c-034c-705c-4c03-5c704c035c70 |
Example Payload for Get Device Compliance Policy Setting State Summary⤓
Get Device Configuration
Get the device configurations. | key: getDeviceConfigurations
| Input | Notes | Example |
|---|---|---|
| Connection | The Microsoft Intune connection to use. | |
| Device Configuration Id | Unique Identifier for the device to retrieve. | 705c034c-034c-705c-4c03-5c704c035c70 |
Example Payload for Get Device Configuration⤓
Get Directory Audit
Get a specific Microsoft Entra audit log item. | key: getDirectoyAudit
| Input | Notes | Example |
|---|---|---|
| Connection | The Microsoft Intune connection to use. | |
| Microsoft Entra Id | The unique identifier for the Microsoft Entra audit log item to retrieve. | 705c034c-034c-705c-4c03-5c704c035c70 |
Example Payload for Get Directory Audit⤓
Get Group
Retrieve a single group. | key: getGroup
| Input | Notes | Example |
|---|---|---|
| Connection | The Microsoft Intune connection to use. | |
| Group Id | The ID of the group retrieve. | a1b2c3d4-e5f6-7890-abcd-ef1234567890 |
Example Payload for Get Group⤓
Get Managed App
Read properties and relationships of an App object. | key: getManagedApp
| Input | Notes | Example |
|---|---|---|
| App Id | The unique identifier of a managed app. You can get this from the 'List Managed Apps' action. | caf60db6-0db6-caf6-b60d-f6cab60df6ca |
| Connection | The Microsoft Intune connection to use. |
Example Payload for Get Managed App⤓
Get Managed Device
Read properties and relationships of the Managed Device object. | key: getManagedDevice
| Input | Notes | Example |
|---|---|---|
| Connection | The Microsoft Intune connection to use. | |
| Managed Device Id | Unique Identifier for the device to retrieve. | 705c034c-034c-705c-4c03-5c704c035c70 |
Example Payload for Get Managed Device⤓
Get Mobile App
Retrieve a single mobile app. | key: getMobileApp
| Input | Notes | Example |
|---|---|---|
| Connection | The Microsoft Intune connection to use. | |
| Mobile App Id | Unique identifier for the mobile app (UUID format). | a1b2c3d4-e5f6-7890-abcd-ef1234567890 |
Example Payload for Get Mobile App⤓
Get Mobile App Assignment
Retrieve a single mobile app assignment. | key: getMobileAppAssignment
| Input | Notes | Example |
|---|---|---|
| Connection | The Microsoft Intune connection to use. | |
| Mobile App Assignment Id | Unique Identifier for the mobile app assignment to get. | 0177548a-548a-0177-8a54-77018a547701 |
| Mobile App Id | Unique identifier for the mobile app (UUID format). | a1b2c3d4-e5f6-7890-abcd-ef1234567890 |
Example Payload for Get Mobile App Assignment⤓
Get Subscription
Retrieve a single subscription. | key: getSubscription
| Input | Notes | Example |
|---|---|---|
| Connection | The Microsoft Intune connection to use. | |
| Subscription ID | The unique identifier of the subscription (UUID format). | a1b2c3d4-e5f6-7890-abcd-ef1234567890 |
Example Payload for Get Subscription⤓
Get User
Read properties and relationships of the User object. | key: getUser
| Input | Notes | Example |
|---|---|---|
| Select | Comma-separated list of properties to include in the response. Reduces payload size. | id,displayName,mail |
| Connection | The Microsoft Intune connection to use. | |
| User Id | Unique Identifier for the user to get. This can be the user's id or userPrincipalName. | d36894ae-94ae-d368-ae94-68d3ae9468d3 |
Example Payload for Get User⤓
List Detected Apps
List properties and relationships of the Detected Apps objects. | key: listDetectedApps
| Input | Notes | Example |
|---|---|---|
| Count | When true, retrieves the total count of matching resources. | false |
| Expand | Comma-separated list of relationships to expand and include in the response. | members,owners |
| Filter | OData filter expression to filter results. Supports operators like eq, ne, startswith, contains. | startswith(givenName,'J') |
| Format | Response format. Typically 'json' for JSON output. | json |
| Order By | Property to sort results by. Add 'asc' or 'desc' suffix for sort direction. | displayName desc |
| Search | Returns results based on search criteria. Use format 'property:value' for specific searches. | displayName:Marketing |
| Select | Comma-separated list of properties to include in the response. Reduces payload size. | id,displayName,mail |
| Skip | Number of results to skip. Use with $top for manual pagination. | 100 |
| Skip Token | Token from a previous response's @odata.nextLink to retrieve the next page of results. | X%274453707402000100000017... |
| Top | Maximum number of results to return per page. | 50 |
| Connection | The Microsoft Intune connection to use. | |
| Fetch All | When true, fetches all pages of results using pagination. | false |
Example Payload for List Detected Apps⤓
List Device Compliance Policies
List all device compliance policies. | key: listDeviceCompliancePolicies
| Input | Notes | Example |
|---|---|---|
| Connection | The Microsoft Intune connection to use. |
Example Payload for List Device Compliance Policies⤓
List Device Compliance Policy Setting State Summaries
Retrieve a list of device compliance policy setting state summaries. | key: listDeviceCompliancePolicySettingStateSummaries
| Input | Notes | Example |
|---|---|---|
| Connection | The Microsoft Intune connection to use. |
Example Payload for List Device Compliance Policy Setting State Summaries⤓
List Device Configurations
List all device configurations. | key: listDeviceConfigurations
| Input | Notes | Example |
|---|---|---|
| Connection | The Microsoft Intune connection to use. |
Example Payload for List Device Configurations⤓
List Directory Audits
Retrieve a list of directory audits. | key: listDirectoryAudits
| Input | Notes | Example |
|---|---|---|
| Filter | OData filter expression to filter results. Supports operators like eq, ne, startswith, contains. | startswith(givenName,'J') |
| Order By | Property to sort results by. Add 'asc' or 'desc' suffix for sort direction. | displayName desc |
| Skip Token | Token from a previous response's @odata.nextLink to retrieve the next page of results. | X%274453707402000100000017... |
| Top | Maximum number of results to return per page. | 50 |
| Connection | The Microsoft Intune connection to use. | |
| Fetch All | When true, fetches all pages of results using pagination. | false |
Example Payload for List Directory Audits⤓
List Domains
Retrieve a list of domain objects. | key: listDomains
| Input | Notes | Example |
|---|---|---|
| Count | When true, retrieves the total count of matching resources. | false |
| Expand | Comma-separated list of relationships to expand and include in the response. | members,owners |
| Filter | OData filter expression to filter results. Supports operators like eq, ne, startswith, contains. | startswith(givenName,'J') |
| Format | Response format. Typically 'json' for JSON output. | json |
| Order By | Property to sort results by. Add 'asc' or 'desc' suffix for sort direction. | displayName desc |
| Search | Returns results based on search criteria. Use format 'property:value' for specific searches. | displayName:Marketing |
| Select | Comma-separated list of properties to include in the response. Reduces payload size. | id,displayName,mail |
| Skip | Number of results to skip. Use with $top for manual pagination. | 100 |
| Skip Token | Token from a previous response's @odata.nextLink to retrieve the next page of results. | X%274453707402000100000017... |
| Top | Maximum number of results to return per page. | 50 |
| Connection | The Microsoft Intune connection to use. |
Example Payload for List Domains⤓
List Group Members
List all members of a security or Microsoft 365 group. | key: listMembersFromGroup
| Input | Notes | Example |
|---|---|---|
| Count | When true, retrieves the total count of matching resources. | false |
| Expand | Comma-separated list of relationships to expand and include in the response. | members,owners |
| Filter | OData filter expression to filter results. Supports operators like eq, ne, startswith, contains. | startswith(givenName,'J') |
| Search | Returns results based on search criteria. Use format 'property:value' for specific searches. | displayName:Marketing |
| Select | Comma-separated list of properties to include in the response. Reduces payload size. | id,displayName,mail |
| Top | Maximum number of results to return per page. | 50 |
| Connection | The Microsoft Intune connection to use. | |
| Fetch All | When true, fetches all pages of results using pagination. | false |
| Group Id | The unique identifier of a MS365 or Security group. | a1b2c3d4-e5f6-7890-abcd-ef1234567890 |
Example Payload for List Group Members⤓
List Groups
List all groups. | key: listGroups
| Input | Notes | Example |
|---|---|---|
| Count | When true, retrieves the total count of matching resources. | false |
| Expand | Comma-separated list of relationships to expand and include in the response. | members,owners |
| Filter | OData filter expression to filter results. Supports operators like eq, ne, startswith, contains. | startswith(givenName,'J') |
| Order By | Property to sort results by. Add 'asc' or 'desc' suffix for sort direction. | displayName desc |
| Search | Returns results based on search criteria. Use format 'property:value' for specific searches. | displayName:Marketing |
| Select | Comma-separated list of properties to include in the response. Reduces payload size. | id,displayName,mail |
| Top | Maximum number of results to return per page. | 50 |
| Connection | The Microsoft Intune connection to use. | |
| Fetch All | When true, fetches all pages of results using pagination. | false |
Example Payload for List Groups⤓
List Managed Apps
List all managed apps in Intune. | key: listManagedApps
| Input | Notes | Example |
|---|---|---|
| Count | When true, retrieves the total count of matching resources. | false |
| Expand | Comma-separated list of relationships to expand and include in the response. | members,owners |
| Filter | OData filter expression to filter results. Supports operators like eq, ne, startswith, contains. | startswith(givenName,'J') |
| Format | Response format. Typically 'json' for JSON output. | json |
| Order By | Property to sort results by. Add 'asc' or 'desc' suffix for sort direction. | displayName desc |
| Search | Returns results based on search criteria. Use format 'property:value' for specific searches. | displayName:Marketing |
| Select | Comma-separated list of properties to include in the response. Reduces payload size. | id,displayName,mail |
| Skip | Number of results to skip. Use with $top for manual pagination. | 100 |
| Skip Token | Token from a previous response's @odata.nextLink to retrieve the next page of results. | X%274453707402000100000017... |
| Top | Maximum number of results to return per page. | 50 |
| Connection | The Microsoft Intune connection to use. | |
| Fetch All | When true, fetches all pages of results using pagination. | false |
Example Payload for List Managed Apps⤓
List Managed Devices
List properties and relationships of the Managed Device objects. | key: listManagedDevices
| Input | Notes | Example |
|---|---|---|
| Count | When true, retrieves the total count of matching resources. | false |
| Expand | Comma-separated list of relationships to expand and include in the response. | members,owners |
| Filter | OData filter expression to filter results. Supports operators like eq, ne, startswith, contains. | startswith(givenName,'J') |
| Format | Response format. Typically 'json' for JSON output. | json |
| Order By | Property to sort results by. Add 'asc' or 'desc' suffix for sort direction. | displayName desc |
| Search | Returns results based on search criteria. Use format 'property:value' for specific searches. | displayName:Marketing |
| Select | Comma-separated list of properties to include in the response. Reduces payload size. | id,displayName,mail |
| Skip | Number of results to skip. Use with $top for manual pagination. | 100 |
| Skip Token | Token from a previous response's @odata.nextLink to retrieve the next page of results. | X%274453707402000100000017... |
| Top | Maximum number of results to return per page. | 50 |
| Connection | The Microsoft Intune connection to use. | |
| Fetch All | When true, fetches all pages of results using pagination. | false |
Example Payload for List Managed Devices⤓
List Mobile App Assignments
List all assignments for a mobile app. | key: listMobileAppAssignments
| Input | Notes | Example |
|---|---|---|
| Count | When true, retrieves the total count of matching resources. | false |
| Expand | Comma-separated list of relationships to expand and include in the response. | members,owners |
| Filter | OData filter expression to filter results. Supports operators like eq, ne, startswith, contains. | startswith(givenName,'J') |
| Format | Response format. Typically 'json' for JSON output. | json |
| Order By | Property to sort results by. Add 'asc' or 'desc' suffix for sort direction. | displayName desc |
| Search | Returns results based on search criteria. Use format 'property:value' for specific searches. | displayName:Marketing |
| Select | Comma-separated list of properties to include in the response. Reduces payload size. | id,displayName,mail |
| Skip | Number of results to skip. Use with $top for manual pagination. | 100 |
| Skip Token | Token from a previous response's @odata.nextLink to retrieve the next page of results. | X%274453707402000100000017... |
| Top | Maximum number of results to return per page. | 50 |
| Connection | The Microsoft Intune connection to use. | |
| Fetch All | When true, fetches all pages of results using pagination. | false |
| Mobile App Id | Unique identifier for the mobile app (UUID format). | a1b2c3d4-e5f6-7890-abcd-ef1234567890 |
Example Payload for List Mobile App Assignments⤓
List Mobile Apps
Retrieve a list of mobile apps. | key: listMobileApps
| Input | Notes | Example |
|---|---|---|
| Count | When true, retrieves the total count of matching resources. | false |
| Expand | Comma-separated list of relationships to expand and include in the response. | members,owners |
| Filter | OData filter expression to filter results. Supports operators like eq, ne, startswith, contains. | startswith(givenName,'J') |
| Format | Response format. Typically 'json' for JSON output. | json |
| Order By | Property to sort results by. Add 'asc' or 'desc' suffix for sort direction. | displayName desc |
| Search | Returns results based on search criteria. Use format 'property:value' for specific searches. | displayName:Marketing |
| Select | Comma-separated list of properties to include in the response. Reduces payload size. | id,displayName,mail |
| Skip | Number of results to skip. Use with $top for manual pagination. | 100 |
| Skip Token | Token from a previous response's @odata.nextLink to retrieve the next page of results. | X%274453707402000100000017... |
| Top | Maximum number of results to return per page. | 50 |
| Connection | The Microsoft Intune connection to use. | |
| Fetch All | When true, fetches all pages of results using pagination. | false |
Example Payload for List Mobile Apps⤓
List Software Update Status Summary
List the status summary of a software update. | key: listSoftwareUpdateStatusSummary
| Input | Notes | Example |
|---|---|---|
| Expand | Comma-separated list of relationships to expand and include in the response. | members,owners |
| Format | Response format. Typically 'json' for JSON output. | json |
| Search | Returns results based on search criteria. Use format 'property:value' for specific searches. | displayName:Marketing |
| Select | Comma-separated list of properties to include in the response. Reduces payload size. | id,displayName,mail |
| Skip Token | Token from a previous response's @odata.nextLink to retrieve the next page of results. | X%274453707402000100000017... |
| Connection | The Microsoft Intune connection to use. | |
| Fetch All | When true, fetches all pages of results using pagination. | false |
Example Payload for List Software Update Status Summary⤓
List Subscriptions
List all Subscriptions. | key: listSubscriptions
| Input | Notes | Example |
|---|---|---|
| Skip Token | Token from a previous response's @odata.nextLink to retrieve the next page of results. | X%274453707402000100000017... |
| Connection | The Microsoft Intune connection to use. | |
| Fetch All | When true, fetches all pages of results using pagination. | false |
Example Payload for List Subscriptions⤓
List Users
Retrieve a list of user objects. | key: listUsers
| Input | Notes | Example |
|---|---|---|
| Count | When true, retrieves the total count of matching resources. | false |
| Expand | Comma-separated list of relationships to expand and include in the response. | members,owners |
| Filter | OData filter expression to filter results. Supports operators like eq, ne, startswith, contains. | startswith(givenName,'J') |
| Format | Response format. Typically 'json' for JSON output. | json |
| Order By | Property to sort results by. Add 'asc' or 'desc' suffix for sort direction. | displayName desc |
| Search | Returns results based on search criteria. Use format 'property:value' for specific searches. | displayName:Marketing |
| Select | Comma-separated list of properties to include in the response. Reduces payload size. | id,displayName,mail |
| Skip | Number of results to skip. Use with $top for manual pagination. | 100 |
| Skip Token | Token from a previous response's @odata.nextLink to retrieve the next page of results. | X%274453707402000100000017... |
| Top | Maximum number of results to return per page. | 50 |
| Connection | The Microsoft Intune connection to use. | |
| Fetch All | When true, fetches all pages of results using pagination. | false |
Example Payload for List Users⤓
Raw Request
Send raw HTTP request to Microsoft Intune API | key: rawRequest
| Input | Notes | Example |
|---|---|---|
| API Version | The version of the API to use. | |
| Connection | The Microsoft Intune connection to use. | |
| Data | The HTTP body payload to send to the URL. | {"exampleKey": "Example Data"} |
| Debug Request | Enable this to log the request and response | false |
| File Data | File Data to be sent as a multipart form upload. | [{key: "example.txt", value: "My File Contents"}] |
| File Data File Names | File names to apply to the file data inputs. Keys must match the file data keys above. | |
| Form Data | The Form Data to be sent as a multipart form upload. | [{"key": "Example Key", "value": new Buffer("Hello World")}] |
| Header | A list of headers to send with the request. | User-Agent: curl/7.64.1 |
| Max Retry Count | The maximum number of retries to attempt. Specify 0 for no retries. | 0 |
| Method | The HTTP method to use. | |
| Query Parameter | A list of query parameters to send with the request. This is the portion at the end of the URL similar to ?key1=value1&key2=value2. | |
| Response Type | The type of data you expect in the response. You can request json, text, or binary data. | json |
| Retry On All Errors | If true, retries on all erroneous responses regardless of type. This is helpful when retrying after HTTP 429 or other 3xx or 4xx errors. Otherwise, only retries on HTTP 5xx and network errors. | false |
| Retry Delay (ms) | The delay in milliseconds between retries. This is used when 'Use Exponential Backoff' is disabled. | 0 |
| Timeout | The maximum time that a client will await a response to its request | 2000 |
| URL | Input the path only (/deviceManagement/detectedApps), The base URL is already included (https://graph.microsoft.com/v1.0). For example, to connect to https://graph.microsoft.com/v1.0/deviceManagement/detectedApps, only /deviceManagement/detectedApps is entered in this field. e.g. /deviceManagement/detectedApps | /sobjects/Account |
| Use Exponential Backoff | Specifies whether to use a pre-defined exponential backoff strategy for retries. When enabled, 'Retry Delay (ms)' is ignored. | false |
Reprocess User License Assignment
Reprocess all group-based license assignments for the user. | key: reprocessUserLicenseAssignment
| Input | Notes | Example |
|---|---|---|
| Connection | The Microsoft Intune connection to use. | |
| User Id | Unique Identifier for the user to reprocess the license assignment. This can be the user's id or userPrincipalName. | d36894ae-94ae-d368-ae94-68d3ae9468d3 |
Example Payload for Reprocess User License Assignment⤓
Retire Managed Device
Retire a device from Intune management upon employee offboarding. | key: retireDevice
| Input | Notes | Example |
|---|---|---|
| Connection | The Microsoft Intune connection to use. | |
| Managed Device Id | Unique Identifier for the device to retire. | a1b2c3d4-e5f6-7890-abcd-ef1234567890 |
Example Payload for Retire Managed Device⤓
Update Group
Update a single group. | key: updateGroup
| Input | Notes | Example |
|---|---|---|
| Assigned Labels | The list of sensitivity label pairs (label ID, label name) associated with a group | |
| Body Fields | Additional JSON properties to include in the request body. These will be merged with other input values. | |
| Connection | The Microsoft Intune connection to use. | |
| Description | A description for the group. | Self help community for library |
| Display Name | The name to display in the address book for the group. | Library Assist |
| Group Id | The ID of the group update. | a1b2c3d4-e5f6-7890-abcd-ef1234567890 |
| Mail Nickname | The mail alias for the group, unique for Microsoft 365 groups in the organization. | library |
| Security Enabled | Set to true for mail-enabled groups. If Not Set the input will not be included in the request. | |
| Visibility | Specifies the visibility of the group. Possible values are Private, Public, or Hiddenmembership. | Public |
Example Payload for Update Group⤓
Update Managed App
Update an App object. | key: updateManagedApp
| Input | Notes | Example |
|---|---|---|
| Connection | The Microsoft Intune connection to use. | |
| Description | Update the description to help your device users understand what the app is and/or what they can do in the app. This comments will be visible to them in Company Portal. | This is an Office Suite app. |
| Developer | Update the developer of the app. This information will be visible to users in Company Portal. | Microsoft |
| Display Name | Update the name for the app. This name will be visible in the Intune apps list and to users in the Company Portal. | Office Suite App |
| Information URL | Update the URL that links to more information about the app. This URL will be visible to users in Company Portal. | https://example.com/informationUrl/ |
| Is Featured | Update whether the app is featured. Featured apps are displayed prominently in the Company Portal. | false |
| Icon Image Type | Update the type of the Icon image. This field is required if the Icon Image Data is provided. | image/png |
| Icon Image Data | Update the base64 encoded image data for the Icon image. This field is required if the Icon Image Type is provided. | dmFsdWU= |
| Mobile App ID | The ID of the app to update. | e0741df2-bae3-4649-9599-c47026da1234 |
| Notes | Update any notes about the app. This information will be visible to people signed into the admin center. | An example note. |
| OData App Type | The type of app to update. This depends on the platform of the app. Check the Microsoft Graph API documentation for the correct type. Documentation for an Office Suite app can be found here https://learn.microsoft.com/en-us/graph/api/intune-apps-officesuiteapp-update?view=graph-rest-beta | #microsoft.graph.officeSuiteApp |
| Owner | Update the name of the person or company that owns the app. This information will be visible to people signed into the admin center. | John Doe |
| Privacy Information URL | Update the URL that links to the privacy information for the app. The privacy information URL will be visible to users in Company Portal. | https://example.com/privacyInformationUrl/ |
| Publisher | Update the name of the developer or company that distributes the app. This information will be visible to users in Company Portal. | Microsoft |
| Specific Platform Properties | The specific properties for the app to be updated, generic properties like '@odata.type', 'displayName', 'description', etc. are alredy covered by the other inputs. This input should be a JSON object with the specific properties for the app to be updated. Check the Microsoft Graph API documentation for the correct properties for the app type you are updating. Documentation for an Office Suite app can be found here https://learn.microsoft.com/en-us/graph/api/intune-apps-officesuiteapp-update?view=graph-rest-beta |
Example Payload for Update Managed App⤓
Update Managed Device
Update the properties of a Managed Device object. | key: updateManagedDevice
| Input | Notes | Example |
|---|---|---|
| Connection | The Microsoft Intune connection to use. | |
| Extra Fields | Additional fields to update on the device. This is an object that can contain any additional fields that might not be covered by the other inputs. | |
| Managed Device Id | Unique identifier for the managed device to update (UUID format). | a1b2c3d4-e5f6-7890-abcd-ef1234567890 |
| Managed Device Name | Update the device name to make it easier to identify. | John-Laptop |
| Notes | Additional notes about the device for documentation purposes. | Device issued to John Doe in Marketing department |
Example Payload for Update Managed Device⤓
Update Mobile App Assignment
Update a mobile app assignment. | key: updateMobileAppAssignment
| Input | Notes | Example |
|---|---|---|
| Connection | The Microsoft Intune connection to use. | |
| Intent | The intent of the assignment for the managed app. A 'Required' option will force the app to be installed on the device. An 'Available' option will make the app available for the user to install. An 'Uninstall' option will remove the app from the device. An 'Available Without Enrollment' option will make the app available for the user to install without enrolling the device. | available |
| Mobile App Assignment Id | The ID of the mobile app assignment to update. | 0177548a-548a-0177-8a54-77018a547701 |
| Mobile App Id | The ID of the mobile app to update the assignment from. | a1b2c3d4-e5f6-7890-abcd-ef1234567890 |
| Settings | The mobile app assignment settings type. The value depends on the app platform (e.g., windowsUniversalAppXAppAssignmentSettings, iosLobAppAssignmentSettings). | microsoft.graph.windowsUniversalAppXAppAssignmentSettings |
| Target | The mobile app assignment target type. Common values include allLicensedUsersAssignmentTarget, groupAssignmentTarget, allDevicesAssignmentTarget. | microsoft.graph.allLicensedUsersAssignmentTarget |
Example Payload for Update Mobile App Assignment⤓
Update Software Update Status Summary
Update the status summary of a software update. | key: updateSoftwareUpdateStatusSummary
| Input | Notes | Example |
|---|---|---|
| Compliant Device Count | The number of devices that are compliant with the software update. | 1 |
| Compliant User Count | The number of users that are compliant with the software update. | 1 |
| Conflict Device Count | The number of devices that have a conflict with the software update. | 1 |
| Conflict User Count | The number of users that have a conflict with the software update. | 1 |
| Connection | The Microsoft Intune connection to use. | |
| Display Name | The display name of the software update status summary. | Software Update Status Summary |
| Error Device Count | The number of devices that have an error with the software update. | 1 |
| Error User Count | The number of users that have an error with the software update. | 1 |
| Non-Compliant Device Count | The number of devices that are not compliant with the software update. | 1 |
| Non-Compliant User Count | The number of users that are not compliant with the software update. | 1 |
| Not Applicable Device Count | The number of devices that are not applicable for the software update. | 1 |
| Not Applicable User Count | The number of users that are not applicable for the software update. | 1 |
| Remediated Device Count | The number of devices that have been remediated. | 1 |
| Remediated User Count | The number of users that have been remediated. | 1 |
| Unknown Device Count | The number of devices that have an unknown status with the software update. | 1 |
| Unknown User Count | The number of users that have an unknown status with the software update. | 1 |
Example Payload for Update Software Update Status Summary⤓
Update Subscription
Update a single subscription. | key: updateSubscription
| Input | Notes | Example |
|---|---|---|
| Connection | The Microsoft Intune connection to use. | |
| Expiration Date Time | The date and time when the webhook subscription expires in UTC format (ISO 8601). The maximum duration varies by resource type. Learn more | 2025-12-31T23:59:59.0000000Z |
| Notification URL | The URL endpoint that will receive webhook notifications when changes occur. | https://example.com/webhook |
| Subscription ID | The ID of the subscription to update. | a1b2c3d4-e5f6-7890-abcd-ef1234567890 |
Example Payload for Update Subscription⤓
Update User
Update the properties of a User object. | key: updateUser
| Input | Notes | Example |
|---|---|---|
| Account Enabled | When true, enables the user account. When false, the account is disabled and the user cannot sign in. | true |
| Additional Properties | Additional properties to update that are not covered by the other inputs. This should be a JSON object and will be merged with the other inputs. You can get additional properties from the Microsoft Graph API documentation https://learn.microsoft.com/en-us/graph/api/resources/user?view=graph-rest-1.0#json-representation | |
| Connection | The Microsoft Intune connection to use. | |
| Display Name | The display name of the user. | John Doe |
| Domain | The updated domain for the user. This must be an existing verified domain in your tenant. Use the 'List Domains' action to retrieve available domains. Required if 'User Principal Name' input is provided. | contoso.onmicrosoft.com |
| First Name | The updated first name of the user. | John |
| Job Title | The updated job title of the user. | Software Engineer |
| Last Name | The updated last name of the user. | Doe |
| User Id | Unique identifier for the user to update. This can be the user's ID (UUID format) or userPrincipalName (email format). | a1b2c3d4-e5f6-7890-abcd-ef1234567890 |
| User Principal Name | The updated user principal name (username) for the user. This will be combined with the domain to create the full user principal name. Required if 'Domain' input is provided. | john.doe |
Example Payload for Update User⤓
Wipe Device
Remotely wipe a compromised or lost device. | key: wipeDevice
| Input | Notes | Example |
|---|---|---|
| Connection | The Microsoft Intune connection to use. | |
| Managed Device Id | Unique Identifier for the device to wipe. | a1b2c3d4-e5f6-7890-abcd-ef1234567890 |
Example Payload for Wipe Device⤓
Changelog
2026-04-30
Updated spectral version
2026-04-07
Added global debug support across all actions for improved troubleshooting
2026-04-06
Added Fetch All pagination support to List Managed Devices, List Users, List Detected Apps, List Managed Apps, and List Group Members actions
2026-02-26
Added inline data sources for users, subscriptions, directory audits, device configurations, device compliance policies, and compliance policy setting summaries to enable dynamic dropdown selection
2025-12-09
Fixed an issue related to Add Group Member action to correctly add members to groups
2025-10-17
Enhanced webhook trigger reliability with automatic subscription renewal and cleanup of orphaned webhooks
2025-07-11
Added group member management actions:
- Add Group Member - Add a single member to a Microsoft Intune group
- Add Group Members - Add multiple members to a group in bulk
2025-05-15
Added Client Credentials connection type for server-to-server authentication with Microsoft Intune