Microsoft Intune Component
Use the Microsoft Intune component to manage users, devices, and applications.
Component key: ms-intuneDescription
Microsoft Intune is a cloud-based service that focuses on device management and application management.
Connections
OAuth 2.0
To create an new Microsoft Intune App Registration:
- Navigate to the Microsoft Entra Identity > Applications > App registrations and select New registration.
- Set the Supported Account types to Accounts in any organizational directory (Any Azure AD directory - Multitenant) so that users outside of your organization (i.e. your customers) can authenticate.
- Set the Redirect URI dropdown as a "Web" platform. In that section add the Prismatic's OAuth callback URL https://oauth2.prismatic.io/callback - as a Redirect URI.
- Select Register to complete.
- From the App menu navigate to Certificates & Secrets for the app and add a new Client Secret. Save the Value for the Client Secret in the Prismatic Connection Configuration.
- Navigate to the Overview page save the value listed as the Application (client) ID. This will be your Client ID for the Prismatic Connection Configuration.
- Navigate to API Permissions and select Add Permission, select the square labeled Microsoft Graph, and then Delegated permissions. Under the DeviceManagementManagedDevices section select DeviceManagementManagedDevices.PrivilegedOperations, DeviceManagementManagedDevices.Read.All. In addition to any other permissions that will be required by your integration. You can use DeviceManagementManagedDevices.ReadWrite.All to get started building and choose a more refined set at a later time.
To configure the OAuth 2.0 connection in Prismatic:
- Add a Microsoft Intune OAuth 2.0 connection config var:
- Use the Application (client) ID value for the Client ID field.
- Use the Client Secret for the same named field.
- Use the default Authorize URL.
Data Sources
Select Detected App
Select a detected app from the list of detected apps | key: selectDetectedApp | type: picklist
Data Source Payload
{
"result": [
{
"label": "Display Name value",
"key": "caf60db6-0db6-caf6-b60d-f6cab60df6ca"
}
]
}
Select Managed App
Select a managed app from the list of managed apps | key: selectManagedApp | type: picklist
Data Source Payload
{
"result": [
{
"label": "Display Name value",
"key": "0177548a-548a-0177-8a54-77018a547701"
}
]
}
Select Managed Device
Select a managed device from the list of managed devices | key: selectManagedDevice | type: picklist
Data Source Payload
{
"result": [
{
"label": "Device Name value",
"key": "705c034c-034c-705c-4c03-5c704c035c70"
}
]
}
Actions
Assign Managed App to Group
Assign a managed app to a group. | key: assignManagedAppToGroup
Output Example Payload
{
"data": {
"@odata.type": "#microsoft.graph.mobileAppAssignment",
"id": "591620b7-20b7-5916-b720-1659b7201659",
"intent": "required",
"target": {
"@odata.type": "#microsoft.graph.groupAssignmentTarget"
},
"settings": null
}
}
Create Managed App
Create a new App object. | key: createManagedApp
Output Example Payload
{
"data": {
"@odata.type": "#microsoft.graph.officeSuiteApp",
"id": "9b263b46-3b46-9b26-463b-269b463b269b",
"displayName": "Display Name value",
"description": "Description value",
"publisher": "Publisher value",
"largeIcon": {
"@odata.type": "microsoft.graph.mimeContent",
"type": "Type value",
"value": "dmFsdWU="
},
"createdDateTime": "2017-01-01T00:02:43.5775965-08:00",
"lastModifiedDateTime": "2017-01-01T00:00:35.1329464-08:00",
"isFeatured": true,
"privacyInformationUrl": "https://example.com/privacyInformationUrl/",
"informationUrl": "https://example.com/informationUrl/",
"owner": "Owner value",
"developer": "Developer value",
"notes": "Notes value",
"uploadState": 11,
"publishingState": "processing",
"isAssigned": true,
"roleScopeTagIds": [
"Role Scope Tag Ids value"
],
"dependentAppCount": 1,
"supersedingAppCount": 3,
"supersededAppCount": 2,
"autoAcceptEula": true,
"productIds": [
"o365BusinessRetail"
],
"excludedApps": {
"@odata.type": "microsoft.graph.excludedApps",
"access": true,
"bing": true,
"excel": true,
"groove": true,
"infoPath": true,
"lync": true,
"oneDrive": true,
"oneNote": true,
"outlook": true,
"powerPoint": true,
"publisher": true,
"sharePointDesigner": true,
"teams": true,
"visio": true,
"word": true
},
"useSharedComputerActivation": true,
"updateChannel": "current",
"officeSuiteAppDefaultFileFormat": "officeOpenXMLFormat",
"officePlatformArchitecture": "x86",
"localesToInstall": [
"Locales To Install value"
],
"installProgressDisplayLevel": "full",
"shouldUninstallOlderVersionsOfOffice": true,
"targetVersion": "Target Version value",
"updateVersion": "Update Version value",
"officeConfigurationXml": "b2ZmaWNlQ29uZmlndXJhdGlvblhtbA=="
}
}
Create User
Create a new user. | key: createUser
Output Example Payload
{
"data": {
"@odata.context": "https://graph.microsoft.com/v1.0/$metadata#users/$entity",
"id": "87d349ed-44d7-43e1-9a83-5f2406dee5bd",
"businessPhones": [],
"displayName": "Adele Vance",
"givenName": "Adele",
"jobTitle": "Product Marketing Manager",
"mail": "AdeleV@contoso.com",
"mobilePhone": "+1 425 555 0109",
"officeLocation": "18/2111",
"preferredLanguage": "en-US",
"surname": "Vance",
"userPrincipalName": "AdeleV@contoso.com"
}
}
Delete Managed App
Deletes an App. | key: deleteManagedApp
Output Example Payload
{
"data": {}
}
Delete Managed Device
Deletes a Managed Device. | key: deleteManagedDevice
Output Example Payload
{
"data": {}
}
Delete User
Deletes a User. | key: deleteUser
Output Example Payload
{
"data": {}
}
Get Detected App
Read properties and relationships of the Detected Apps object. | key: getDetectedApp
Output Example Payload
{
"data": {
"value": {
"@odata.type": "#microsoft.graph.detectedApp",
"id": "caf60db6-0db6-caf6-b60d-f6cab60df6ca",
"displayName": "Display Name value",
"version": "Version value",
"sizeInByte": 10,
"deviceCount": 11,
"publisher": "Publisher value",
"platform": "windows"
}
}
}
Get Managed App
Read properties and relationships of an App object. | key: getManagedApp
Output Example Payload
{
"data": {
"value": {
"@odata.type": "#microsoft.graph.mobileApp",
"id": "0177548a-548a-0177-8a54-77018a547701",
"displayName": "Display Name value",
"description": "Description value",
"publisher": "Publisher value",
"largeIcon": {
"@odata.type": "microsoft.graph.mimeContent",
"type": "Type value",
"value": "dmFsdWU="
},
"createdDateTime": "2017-01-01T00:02:43.5775965-08:00",
"lastModifiedDateTime": "2017-01-01T00:00:35.1329464-08:00",
"isFeatured": true,
"privacyInformationUrl": "https://example.com/privacyInformationUrl/",
"informationUrl": "https://example.com/informationUrl/",
"owner": "Owner value",
"developer": "Developer value",
"notes": "Notes value",
"publishingState": "processing"
}
}
}
Get Managed Device
Read properties and relationships of the Managed Device object. | key: getManagedDevice
Output Example Payload
{
"data": {
"value": {
"@odata.type": "#microsoft.graph.managedDevice",
"id": "705c034c-034c-705c-4c03-5c704c035c70",
"userId": "User Id value",
"deviceName": "Device Name value",
"managedDeviceOwnerType": "company",
"deviceActionResults": [
{
"@odata.type": "microsoft.graph.deviceActionResult",
"actionName": "Action Name value",
"actionState": "pending",
"startDateTime": "2016-12-31T23:58:46.7156189-08:00",
"lastUpdatedDateTime": "2017-01-01T00:00:56.8321556-08:00"
}
],
"enrolledDateTime": "2016-12-31T23:59:43.797191-08:00",
"lastSyncDateTime": "2017-01-01T00:02:49.3205976-08:00",
"operatingSystem": "Operating System value",
"complianceState": "compliant",
"jailBroken": "Jail Broken value",
"managementAgent": "mdm",
"osVersion": "Os Version value",
"easActivated": true,
"easDeviceId": "Eas Device Id value",
"easActivationDateTime": "2016-12-31T23:59:43.4878784-08:00",
"azureADRegistered": true,
"deviceEnrollmentType": "userEnrollment",
"activationLockBypassCode": "Activation Lock Bypass Code value",
"emailAddress": "Email Address value",
"azureADDeviceId": "Azure ADDevice Id value",
"deviceRegistrationState": "registered",
"deviceCategoryDisplayName": "Device Category Display Name value",
"isSupervised": true,
"exchangeLastSuccessfulSyncDateTime": "2017-01-01T00:00:45.8803083-08:00",
"exchangeAccessState": "unknown",
"exchangeAccessStateReason": "unknown",
"remoteAssistanceSessionUrl": "https://example.com/remoteAssistanceSessionUrl/",
"remoteAssistanceSessionErrorDetails": "Remote Assistance Session Error Details value",
"isEncrypted": true,
"userPrincipalName": "User Principal Name value",
"model": "Model value",
"manufacturer": "Manufacturer value",
"imei": "Imei value",
"complianceGracePeriodExpirationDateTime": "2016-12-31T23:56:44.951111-08:00",
"serialNumber": "Serial Number value",
"phoneNumber": "Phone Number value",
"androidSecurityPatchLevel": "Android Security Patch Level value",
"userDisplayName": "User Display Name value",
"configurationManagerClientEnabledFeatures": {
"@odata.type": "microsoft.graph.configurationManagerClientEnabledFeatures",
"inventory": true,
"modernApps": true,
"resourceAccess": true,
"deviceConfiguration": true,
"compliancePolicy": true,
"windowsUpdateForBusiness": true
},
"wiFiMacAddress": "Wi Fi Mac Address value",
"deviceHealthAttestationState": {
"@odata.type": "microsoft.graph.deviceHealthAttestationState",
"lastUpdateDateTime": "Last Update Date Time value",
"contentNamespaceUrl": "https://example.com/contentNamespaceUrl/",
"deviceHealthAttestationStatus": "Device Health Attestation Status value",
"contentVersion": "Content Version value",
"issuedDateTime": "2016-12-31T23:58:22.1231038-08:00",
"attestationIdentityKey": "Attestation Identity Key value",
"resetCount": 10,
"restartCount": 12,
"dataExcutionPolicy": "Data Excution Policy value",
"bitLockerStatus": "Bit Locker Status value",
"bootManagerVersion": "Boot Manager Version value",
"codeIntegrityCheckVersion": "Code Integrity Check Version value",
"secureBoot": "Secure Boot value",
"bootDebugging": "Boot Debugging value",
"operatingSystemKernelDebugging": "Operating System Kernel Debugging value",
"codeIntegrity": "Code Integrity value",
"testSigning": "Test Signing value",
"safeMode": "Safe Mode value",
"windowsPE": "Windows PE value",
"earlyLaunchAntiMalwareDriverProtection": "Early Launch Anti Malware Driver Protection value",
"virtualSecureMode": "Virtual Secure Mode value",
"pcrHashAlgorithm": "Pcr Hash Algorithm value",
"bootAppSecurityVersion": "Boot App Security Version value",
"bootManagerSecurityVersion": "Boot Manager Security Version value",
"tpmVersion": "Tpm Version value",
"pcr0": "Pcr0 value",
"secureBootConfigurationPolicyFingerPrint": "Secure Boot Configuration Policy Finger Print value",
"codeIntegrityPolicy": "Code Integrity Policy value",
"bootRevisionListInfo": "Boot Revision List Info value",
"operatingSystemRevListInfo": "Operating System Rev List Info value",
"healthStatusMismatchInfo": "Health Status Mismatch Info value",
"healthAttestationSupportedStatus": "Health Attestation Supported Status value"
},
"subscriberCarrier": "Subscriber Carrier value",
"meid": "Meid value",
"totalStorageSpaceInBytes": 8,
"freeStorageSpaceInBytes": 7,
"managedDeviceName": "Managed Device Name value",
"partnerReportedThreatState": "activated",
"requireUserEnrollmentApproval": true,
"managementCertificateExpirationDate": "2016-12-31T23:57:59.9789653-08:00",
"iccid": "Iccid value",
"udid": "Udid value",
"notes": "Notes value",
"ethernetMacAddress": "Ethernet Mac Address value",
"physicalMemoryInBytes": 5,
"enrollmentProfileName": "Enrollment Profile Name value"
}
}
}
Get User
Read properties and relationships of the User object. | key: getUser
Output Example Payload
{
"data": {
"businessPhones": [
"+1 425 555 0109"
],
"displayName": "Adele Vance",
"givenName": "Adele",
"jobTitle": "Retail Manager",
"mail": "AdeleV@contoso.com",
"mobilePhone": "+1 425 555 0109",
"officeLocation": "18/2111",
"preferredLanguage": "en-US",
"surname": "Vance",
"userPrincipalName": "AdeleV@contoso.com",
"id": "87d349ed-44d7-43e1-9a83-5f2406dee5bd"
}
}
List Detected Apps
List properties and relationships of the Detected Apps objects. | key: listDetectedApps
Output Example Payload
{
"data": {
"value": [
{
"@odata.type": "#microsoft.graph.detectedApp",
"id": "caf60db6-0db6-caf6-b60d-f6cab60df6ca",
"displayName": "Display Name value",
"version": "Version value",
"sizeInByte": 10,
"deviceCount": 11,
"publisher": "Publisher value",
"platform": "windows"
}
]
}
}
List Domains
Retrieve a list of domain objects. | key: listDomains
Output Example Payload
{
"data": {
"value": [
{
"authenticationType": "authenticationType-value",
"availabilityStatus": "availabilityStatus-value",
"isAdminManaged": true,
"isDefault": true,
"isInitial": true,
"isRoot": true,
"id": "contoso.com",
"supportedServices": [
"Email",
"OfficeCommunicationsOnline"
]
}
]
}
}
List Managed App Assignments
List all assignments for a managed app. | key: listManagedAppAssignments
Output Example Payload
{
"data": {
"value": [
{
"@odata.type": "#microsoft.graph.mobileAppAssignment",
"id": "591620b7-20b7-5916-b720-1659b7201659",
"intent": "required",
"target": {
"@odata.type": "microsoft.graph.allLicensedUsersAssignmentTarget"
},
"settings": {
"@odata.type": "microsoft.graph.windowsUniversalAppXAppAssignmentSettings",
"useDeviceContext": true
}
}
]
}
}
List Managed Apps
List all managed apps in Intune. | key: listManagedApps
Output Example Payload
{
"data": {
"value": [
{
"@odata.type": "#microsoft.graph.webApp",
"id": "4bdc5d30-5d30-4bdc-305d-dc4b305ddc4b",
"displayName": "Display Name value",
"description": "Description value",
"publisher": "Publisher value",
"largeIcon": {
"@odata.type": "microsoft.graph.mimeContent",
"type": "Type value",
"value": "dmFsdWU="
},
"createdDateTime": "2017-01-01T00:02:43.5775965-08:00",
"lastModifiedDateTime": "2017-01-01T00:00:35.1329464-08:00",
"isFeatured": true,
"privacyInformationUrl": "https://example.com/privacyInformationUrl/",
"informationUrl": "https://example.com/informationUrl/",
"owner": "Owner value",
"developer": "Developer value",
"notes": "Notes value",
"publishingState": "processing",
"appUrl": "https://example.com/appUrl/",
"useManagedBrowser": true
}
]
}
}
List Managed Devices
List properties and relationships of the Managed Device objects. | key: listManagedDevices
Output Example Payload
{
"data": {
"value": [
{
"@odata.type": "#microsoft.graph.managedDevice",
"id": "705c034c-034c-705c-4c03-5c704c035c70",
"userId": "User Id value",
"deviceName": "Device Name value",
"managedDeviceOwnerType": "company",
"deviceActionResults": [
{
"@odata.type": "microsoft.graph.deviceActionResult",
"actionName": "Action Name value",
"actionState": "pending",
"startDateTime": "2016-12-31T23:58:46.7156189-08:00",
"lastUpdatedDateTime": "2017-01-01T00:00:56.8321556-08:00"
}
],
"enrolledDateTime": "2016-12-31T23:59:43.797191-08:00",
"lastSyncDateTime": "2017-01-01T00:02:49.3205976-08:00",
"operatingSystem": "Operating System value",
"complianceState": "compliant",
"jailBroken": "Jail Broken value",
"managementAgent": "mdm",
"osVersion": "Os Version value",
"easActivated": true,
"easDeviceId": "Eas Device Id value",
"easActivationDateTime": "2016-12-31T23:59:43.4878784-08:00",
"azureADRegistered": true,
"deviceEnrollmentType": "userEnrollment",
"activationLockBypassCode": "Activation Lock Bypass Code value",
"emailAddress": "Email Address value",
"azureADDeviceId": "Azure ADDevice Id value",
"deviceRegistrationState": "registered",
"deviceCategoryDisplayName": "Device Category Display Name value",
"isSupervised": true,
"exchangeLastSuccessfulSyncDateTime": "2017-01-01T00:00:45.8803083-08:00",
"exchangeAccessState": "unknown",
"exchangeAccessStateReason": "unknown",
"remoteAssistanceSessionUrl": "https://example.com/remoteAssistanceSessionUrl/",
"remoteAssistanceSessionErrorDetails": "Remote Assistance Session Error Details value",
"isEncrypted": true,
"userPrincipalName": "User Principal Name value",
"model": "Model value",
"manufacturer": "Manufacturer value",
"imei": "Imei value",
"complianceGracePeriodExpirationDateTime": "2016-12-31T23:56:44.951111-08:00",
"serialNumber": "Serial Number value",
"phoneNumber": "Phone Number value",
"androidSecurityPatchLevel": "Android Security Patch Level value",
"userDisplayName": "User Display Name value",
"configurationManagerClientEnabledFeatures": {
"@odata.type": "microsoft.graph.configurationManagerClientEnabledFeatures",
"inventory": true,
"modernApps": true,
"resourceAccess": true,
"deviceConfiguration": true,
"compliancePolicy": true,
"windowsUpdateForBusiness": true
},
"wiFiMacAddress": "Wi Fi Mac Address value",
"deviceHealthAttestationState": {
"@odata.type": "microsoft.graph.deviceHealthAttestationState",
"lastUpdateDateTime": "Last Update Date Time value",
"contentNamespaceUrl": "https://example.com/contentNamespaceUrl/",
"deviceHealthAttestationStatus": "Device Health Attestation Status value",
"contentVersion": "Content Version value",
"issuedDateTime": "2016-12-31T23:58:22.1231038-08:00",
"attestationIdentityKey": "Attestation Identity Key value",
"resetCount": 10,
"restartCount": 12,
"dataExcutionPolicy": "Data Excution Policy value",
"bitLockerStatus": "Bit Locker Status value",
"bootManagerVersion": "Boot Manager Version value",
"codeIntegrityCheckVersion": "Code Integrity Check Version value",
"secureBoot": "Secure Boot value",
"bootDebugging": "Boot Debugging value",
"operatingSystemKernelDebugging": "Operating System Kernel Debugging value",
"codeIntegrity": "Code Integrity value",
"testSigning": "Test Signing value",
"safeMode": "Safe Mode value",
"windowsPE": "Windows PE value",
"earlyLaunchAntiMalwareDriverProtection": "Early Launch Anti Malware Driver Protection value",
"virtualSecureMode": "Virtual Secure Mode value",
"pcrHashAlgorithm": "Pcr Hash Algorithm value",
"bootAppSecurityVersion": "Boot App Security Version value",
"bootManagerSecurityVersion": "Boot Manager Security Version value",
"tpmVersion": "Tpm Version value",
"pcr0": "Pcr0 value",
"secureBootConfigurationPolicyFingerPrint": "Secure Boot Configuration Policy Finger Print value",
"codeIntegrityPolicy": "Code Integrity Policy value",
"bootRevisionListInfo": "Boot Revision List Info value",
"operatingSystemRevListInfo": "Operating System Rev List Info value",
"healthStatusMismatchInfo": "Health Status Mismatch Info value",
"healthAttestationSupportedStatus": "Health Attestation Supported Status value"
},
"subscriberCarrier": "Subscriber Carrier value",
"meid": "Meid value",
"totalStorageSpaceInBytes": 8,
"freeStorageSpaceInBytes": 7,
"managedDeviceName": "Managed Device Name value",
"partnerReportedThreatState": "activated",
"requireUserEnrollmentApproval": true,
"managementCertificateExpirationDate": "2016-12-31T23:57:59.9789653-08:00",
"iccid": "Iccid value",
"udid": "Udid value",
"notes": "Notes value",
"ethernetMacAddress": "Ethernet Mac Address value",
"physicalMemoryInBytes": 5,
"enrollmentProfileName": "Enrollment Profile Name value"
}
]
}
}
List Users
Retrieve a list of user objects. | key: listUsers
Output Example Payload
{
"data": {
"@odata.context": "https://graph.microsoft.com/v1.0/$metadata#users",
"value": [
{
"businessPhones": [],
"displayName": "Conf Room Adams",
"givenName": null,
"jobTitle": null,
"mail": "Adams@contoso.com",
"mobilePhone": null,
"officeLocation": null,
"preferredLanguage": null,
"surname": null,
"userPrincipalName": "Adams@contoso.com",
"id": "6ea91a8d-e32e-41a1-b7bd-d2d185eed0e0"
},
{
"businessPhones": [
"425-555-0100"
],
"displayName": "MOD Administrator",
"givenName": "MOD",
"jobTitle": null,
"mail": null,
"mobilePhone": "425-555-0101",
"officeLocation": null,
"preferredLanguage": "en-US",
"surname": "Administrator",
"userPrincipalName": "admin@contoso.com",
"id": "4562bcc8-c436-4f95-b7c0-4f8ce89dca5e"
}
]
}
}
Raw Request
Send raw HTTP request to Microsoft Intune API | key: rawRequest
Update Managed App
Update an App object. | key: updateManagedApp
Output Example Payload
{
"data": {
"@odata.type": "#microsoft.graph.officeSuiteApp",
"id": "9b263b46-3b46-9b26-463b-269b463b269b",
"displayName": "Display Name value",
"description": "Description value",
"publisher": "Publisher value",
"largeIcon": {
"@odata.type": "microsoft.graph.mimeContent",
"type": "Type value",
"value": "dmFsdWU="
},
"createdDateTime": "2017-01-01T00:02:43.5775965-08:00",
"lastModifiedDateTime": "2017-01-01T00:00:35.1329464-08:00",
"isFeatured": true,
"privacyInformationUrl": "https://example.com/privacyInformationUrl/",
"informationUrl": "https://example.com/informationUrl/",
"owner": "Owner value",
"developer": "Developer value",
"notes": "Notes value",
"uploadState": 11,
"publishingState": "processing",
"isAssigned": true,
"roleScopeTagIds": [
"Role Scope Tag Ids value"
],
"dependentAppCount": 1,
"supersedingAppCount": 3,
"supersededAppCount": 2,
"autoAcceptEula": true,
"productIds": [
"o365BusinessRetail"
],
"excludedApps": {
"@odata.type": "microsoft.graph.excludedApps",
"access": true,
"bing": true,
"excel": true,
"groove": true,
"infoPath": true,
"lync": true,
"oneDrive": true,
"oneNote": true,
"outlook": true,
"powerPoint": true,
"publisher": true,
"sharePointDesigner": true,
"teams": true,
"visio": true,
"word": true
},
"useSharedComputerActivation": true,
"updateChannel": "current",
"officeSuiteAppDefaultFileFormat": "officeOpenXMLFormat",
"officePlatformArchitecture": "x86",
"localesToInstall": [
"Locales To Install value"
],
"installProgressDisplayLevel": "full",
"shouldUninstallOlderVersionsOfOffice": true,
"targetVersion": "Target Version value",
"updateVersion": "Update Version value",
"officeConfigurationXml": "b2ZmaWNlQ29uZmlndXJhdGlvblhtbA=="
}
}
Update Managed Device
Update the properties of a Managed Device object. | key: updateManagedDevice
Output Example Payload
{
"data": {}
}
Update User
Update the properties of a User object. | key: updateUser
Output Example Payload
{
"data": {}
}