Office 365

Office 365

Note: Check the API Keys asset section of IT Glue for existing credentials before continuing with the following guide. Office365 and Intune follow the EXACT same setup process. Once you have the Tenant ID, App ID, and App Secret, you can configure both!

 

READ THE NOTE ABOVE BEFORE PROCEEDING. 

There are three steps that must be completed:

  1. Creating an app in the Microsoft Azure portal
  2. Assigning proper permissions to the app
  3. Generating a Client (App) Secret

Steps for creating an app in the Microsoft Azure portal:

  1. Navigate to https://portal.azure.com and login as an O365 global admin (The Client's)
  2. Navigate to Azure Active Directory -> App registrations
  3. Click + New registration
  4. Name the app Wizarrd and select the first option under Support account types: Accounts in this organizational directory only (Single tenant), then click Register

If successful, you will see a page like the following:

Steps for assigning proper permissions to the app:

  1. Navigate to the previously created app -> API permissions
  2. Click + Add a permission
  3. On the right-hand side, select Microsoft Graph
  4. Select Application permissions
  5. Search for and add the following permissions:
Device.Read.All
DeviceManagementConfiguration.Read.All
DeviceManagementManagedDevices.Read.All
User.Read.All
  1. Once added, click Add permissions
  2. Click + Add a permission again
  3. On the right-hand side, select Intune
  4. Select Application permissions
  5. Search for and add the following permission: get_data_warehouse
  6. Click Add permissions
  7. Click Grant admin consent for [ADMIN NAME] -> Yes

If completed successfully, you should see a page like the following:

Steps for generating a client secret:

  1. Navigate to the app's homepage -> Certificates & secrets
  2. Under Client secrets, click + New client secret
  3. Put Wizarrd as the Description, set it to Never expire, then click Add
  4. Copy the Value to the clipboard

If completed successfully, you should see a page like the following:

Once all three steps above are completed, you can then move on to the API configuration: Office 365