How to Set Up an Integration with Azure/Intune

This page explains how to set up the built-in integration between xAssets and Microsoft Intune to import managed device inventory. The integration pulls enrolled devices from your Intune environment into xAssets as asset records.

Prerequisites

• An Azure tenant with Microsoft Intune enabled.
• Azure Portal administrator access to create application registrations.
• Access to xAssets with permission to create credential packs.
• The xAssets Batch Service must be running on the server (the integration runs as a batch job).

What the Integration Provides

The Intune integration imports the list of devices enrolled in your Intune environment into xAssets. This gives you visibility of Intune-managed devices alongside your other IT assets.

Note that hardware details from Intune are limited, and Intune only reports software from Intune-managed applications. To get full hardware specifications and a complete software inventory, combine the Intune integration with xAssets Network Discovery.

Step 1: Create an Enterprise Application in Azure

1. Sign in to the Azure Portal.
2. Navigate to Azure Active Directory > App Registrations > New Registration.
3. Name the application (e.g., "xAssets Intune") and click Register.
4. Navigate to Certificates & Secrets and generate a new client secret.
5. Copy the secret Value immediately -- it is only shown once.
6. Navigate to the API Permissions tab and grant the following Microsoft Graph permissions:
   • DeviceManagementManagedDevices.Read.All -- to read managed device data.
   • Any additional permissions required for your environment.
7. Click Grant admin consent to activate the permissions.
8. Copy the Application (Client) ID and Directory (Tenant) ID from the application overview page.

Step 2: Create a Credential Pack in xAssets

1. In xAssets, navigate to Discover > Prepare > Credentials.
2. Click Create Credentials.
3. Configure the credential pack:

4. Save the credential pack.

Step 3: Run the Integration

1. Navigate to Discover > Integrations > Get data from Microsoft Intune.
2. Select the Intune credential pack.
3. The integration runs as a batch job. Monitor progress at Admin > Batch > Batch Jobs.
4. Once complete, verify the imported devices appear in your asset queries.

Step 4: Schedule the Integration (Recommended)

To keep your Intune device inventory current, schedule the integration to run daily:

1. Navigate to the transformation that runs the Intune integration (found at Admin > Transformations).
2. Open the Schedule tab.
3. Enable the schedule and set it to run Daily at a quiet time (e.g., 2:00 AM).
4. Save. See How to Set Up a Scheduled Batch Job for details.

Troubleshooting

If the integration fails with a permissions error:

1. Open Microsoft Graph Explorer.
2. Paste the Intune API URL: https://graph.microsoft.com/v1.0/deviceManagement/managedDevices
3. Run the query.
4. If permissions fail, the Graph Explorer's "Modify permissions" section shows which permissions are missing.
5. Grant the missing permissions in the Azure Portal, click "Grant admin consent", and try the integration again.

Other common issues:

• Invalid credentials -- verify the Tenant ID, Client ID, and client secret are correct in the credential pack.
• Batch service not running -- check the xAssets Batch Service status in Windows Services on the server.
• Client secret expired -- Azure client secrets have expiration dates. Create a new secret in Azure, update the credential pack password, then delete the old secret.

Related Articles

• Microsoft Intune Integration — full reference with screenshots
• Azure Direct Integration — importing Azure VMs and Azure AD users
• Batch Jobs Overview — monitoring batch job status
• Scheduled Transformations — scheduling recurring integrations