Microsoft Intune
xAssets includes a built-in integration with Microsoft Intune (part of Microsoft Endpoint Manager) to import managed device inventory. This page explains what the integration provides, its limitations, and how to set it up.
What the Integration Provides
The Intune integration imports the list of devices enrolled in your Intune environment into xAssets as asset records. This gives you visibility of Intune-managed devices alongside your other IT assets.
However, the hardware details from Intune are limited, and Intune only reports software from Intune-managed applications -- most important and licensable applications are not listed. To get full hardware specifications and a complete software inventory, combine the Intune integration with xAssets Network Discovery.
Prerequisites
- An Azure tenant with Microsoft Intune enabled
- An Azure Enterprise Application with appropriate API permissions
- Access to xAssets with permission to create credential packs
- The xAssets Batch Service must be running (the integration runs as a batch job)
Setup
Step 1: Create an Enterprise Application in Azure
- Sign in to the Azure Portal
- Navigate to Azure Active Directory > App Registrations > New Registration
- Name the application (e.g., "xAssets Intune")
- Register the application
- Navigate to Certificates & Secrets and generate a new client secret. Copy the secret Value immediately -- it is only shown once.
- Navigate to the API Permissions tab and grant the following permissions at a minimum:
- Click Grant admin consent to activate the permissions
Step 2: Create a Credential Pack in xAssets
- Navigate to Discover > Prepare > Credentials
- Click Create Credentials
- Configure the credential pack as follows:
| Field | Value |
|---|---|
| Credential Type | Named Credentials |
| Collection Server | Application Server (not on a collection server) |
| Pack Name | Intune |
| Domain Name | Your Azure Tenant ID |
| Username | The Application (Client) ID of the Enterprise Application |
| Password | The client secret Value from Step 1 |
- Save the credential pack
Step 3: Run the Integration
- Navigate to Discover > Integrations > Get data from Microsoft Intune
- Select the Intune credential pack
- The integration runs as a batch job. Monitor progress in the batch job status area.
Troubleshooting Permissions
If the integration fails with a permissions error, use Microsoft Graph Explorer to diagnose the issue:
- Open Microsoft Graph Explorer
- Paste the Intune API URL into the query box:
https://graph.microsoft.com/v1.0/deviceManagement/managedDevices - Run the query
- If permissions fail, the Graph Explorer's "Modify permissions" section shows which permissions are missing. Review the description of each permission before clicking "Consent".
Once the query works in Graph Explorer, it should work from xAssets provided the credential pack values are correct.
Tip: Schedule this integration to run daily to keep your Intune device inventory current. See Batch Jobs Overview for scheduling details.
Related Articles
- Azure Direct Integration — importing Azure VMs and Azure AD users
- Transformations Overview — understanding the transformation framework