IT Asset Management
(Cloud)
In order to establish a connection with Microsoft Intune on the FlexNet Beacon, you need to specify a Tenant ID,
Client ID and Client Secret when
setting up the PowerShell source connection. To get this information, you will have
to register an application in your Azure Active Directory portal to connect with the
Microsoft Graph API (portal.azure.com). The Microsoft Graph API is
called to get the information from Intune discovered apps.
Intune discovered apps is a report that lists detected apps on Microsoft Intune enrolled devices in your tenant, and acts as a software
inventory for your tenant.
Note: Intune discovered apps report refreshes
every 7 days from the time of enrollment (not a weekly refresh
for the entire tenant). The only exception to this refresh cycle for the
Discovered apps report is application information
collected through the Intune Management Extension for Win32
Apps, which is collected every 24 hours.
Use the following procedure to register an application in your Azure Active
Directory for connecting to the Microsoft Graph API.
-
Log into your Azure Directory portal (portal.azure.com), navigate to
App registrations and create a New
registration.
-
For your new registration, specify the following prior to selecting
Register:
-
A name for the new application.
-
Who can use the application. Important: select
"Accounts in this organizational directory only
([ORG_NAME] only - Single
tenant)".
-
Provide a redirect URI (optional).
-
After registering, take a note of the Application (Client)
ID. This is required when creating the PowerShell source
connection.
-
In the left pane, under Manage, select
Certificates & secrets and create a new client
secret. You will have two options: New client secret or
Upload certificate. Select New client
secret.
Important: Ensure to take a note of the Client secret
Value before changing screens, as this is
displayed one-time only. Later, the value will be masked and you will not be
able to retrieve it. Your only option, is to delete the application and
create a new one. Similar to the Application (Client) ID, this is required
when creating the PowerShell source connection.
-
You now need to request API permissions. In the left pane, under
Manage, this time select API
permissions and select Add a
permission.
-
In the "Request API permissions" screen, do the following:
-
Select Microsoft APIs followed by
Microsoft Graph.
-
Select Application Permissions.
-
Expand the DeviceManagementApps dropdown and
check DeviceManagementApps.Read.All.
-
Expand the DeviceManagementManagedDevices
dropdown and check
DeviceManagementManagedDevices.Read.All.
-
Expand the Directory dropdown and check
User.Read.All.
-
Once you have added all the above permissions, select Grant admin
conset for [ORG_NAME].
IT Asset Management (Cloud)
Current