In order to automate software deployment to your Endpoint Manager (Intune) tenant, a few steps has to be carried out by an administrator in your environment.
The setup consists of the following actions, which we will assist in guiding you through, in detail.
- Registering Endpoint Admin as an application in your tenant.
- Generating a Secret Key for API Access.
- Granting API access to your Endpoint Admin subscription.
- Testing established link from Endpoint Admin to Endpoint Manager (Intune) tenant.
Note: Only an administrator with either of the following rights can configure the following settings in Azure.
- Application Admin
- Global admin
Please follow the guidelines below to carry out to establish the trusted relationship.
SETTING UP APP REGISTRATION |
||
1.1 |
Firstly sign in to the Microsoft Azure portal. |
|
1.2 | Select the "Azure Active Directory" option. | ![]() |
1.3 | In the context menu to the left, choose the "App registrations" option. | ![]() |
1.4 | Choose the "New registration" option. | ![]() |
1.5 |
Select a name for the application registration. It is recommended that the name "Endpoint Admin" is used. Leave the options default and select "Register" |
![]() |
1.6 |
After registering. Click the name, to configure the Application registration. |
![]() |
SETTING UP A SECRET KEY FOR API USAGE |
||
2.1 |
Select the "Certificates & Secrets" option from the Manage section. |
![]() |
2.2 |
In the Client secrets section, choose the option "New client secret". Give the name a description. Fill in the details and select "add". Recommended configuration:
|
![]() |
2.3 |
The Client secret can now be viewed under 'Certificates & Secrets'. Note: The Secret ID will be used in a later step of this setup. |
![]() |
GRANTING API ACCESS TO ENDPOINT ADMIN |
||
3.1 | Inside the App Integrations entry you created earlier, choose 'API Permissions' from the context menu | ![]() |
3.2 | Select "Add a permission" | ![]() |
3.3 | Select the "Microsoft Graph" option. | ![]() |
3.4 | Select the "Application permissions" option. | ![]() |
3.5 | Delegate the following rights, followed by the option "Add permissions". |
|
3.6 | Select the "Grant admin consent for [tenant-name]" option. | ![]() |
3.7 | In the right hand side, Select the "Save and continue" option. |
|
3.8 | Confirm that access has been marked as granted on all the API permissions. | ![]() |
Configure Integration in Endpoint Admin |
||
4.1 |
Navigate back to the Application Integration page, by clicking the name in the navigation menu. |
![]() |
4.2 |
Save the 'Application (client ID)' value for step 4.4.
Save the 'Directory (tenant) ID' value for step 4.4. |
![]() |
4.3 |
In Endpoint Admin select the "integrations" option under 'Settings'. |
![]() |
4.4 |
In the Client Id field, paste the value from step 4.2: 'Application (client ID)'.
In the Client secret field, paste the value from step 2.3: 'Client secret'.
In the Azure tenant field, paste the value from step 4.2: 'Directory (tenant) ID'.
Select the "Establish trust" option. |
![]() |
4.3 |
Press 'Test Integration', and confirm that a trust is established to your Endpoint Manager (Intune) tenant. |
![]() |
Congratulations. You've now set up your Endpoint Manager (Intune) tenant to your Endpoint Admin subscription! You are now ready to deploy applications.
Comments
0 comments
Please sign in to leave a comment.