# Microsoft Intune - Connector Builder
## Connector Information
Microsoft Intune is a Microsoft cloud-based unified endpoint management service for both corporate and BYOD devices. It extends some of the "on-premises" functionality of Microsoft Endpoint Configuration Manager to the Microsoft Azure cloud.
ASM can connect via the Alemba Connector builder. The pull of information is controlled by the scheduling option within the System Administration>Integration>Scheduling option, and the security set by your Azure Administrators. This allows for your full control of when you would like to update the information in ASM.
{% hint style="warning" %}
**Authentication and Security**
In the Application Registration (for the Microsoft Graph Security), ensure you have application Permissions configured to allow creation, update and management of resources. The following is required:
* DeviceManagementManaged
* Devices.Read.All
* Offline\_Access
{% endhint %}
## Prerequisites
You must have at least ASM 10.6.5 installed with the connector builder functionality.
## System Access Requirement
* Application ID
* Client Secret value (not the client secret ID)
* DeviceManagementManaged, Devices.Read.All and offline\_acces is required
## Helpful Links
## Configuring the Connector Builder for Microsoft Intune
Below are examples of the parameters you will want to populate in the connector builder for the Microsoft Intune mapping.
1. Access the Connector Builder: System Admin>Integration>Connector Builder
2. Click "Add Connector" to add a new connector
3. Enter the details (See sections below for details and examples)
1. **Connector Builder Name:** Microsoft Intune
2. **Authentication Type:** OAuth
4. Configure Resource Settings, click the "+" to add a Resource
5. Click the "New Resource" Link to expand and enter the details
1. **Resource Display Name:** Intune Device
2. **Resource Id:** InTuneDevice
3. **Resource Category:** CMDB Item
4. **Resource Description:** Microsoft Intune
6. Complete the queries as follows:
All
**Query:** All
**URL:** v1.0/deviceManagement/managedDevices?$top=@PAGESIZE
**Nested Objects:** value
**Paged?** True
**Starting Page No:** 0
**Page Size:** 500
**Next Page Property:** @odata.nextLink
Search
**Query:** Search
**URL:** v1.0/deviceManagement/managedDevices?$filter=startswith(deviceName,'@SEARCHTEXT')&$top=@PAGESIZE
**Nested Objects:** value
**Paged?** True
**Starting Page No:** 0
**Page Size:** 500
**Next Page Property:** @odata.nextLink
Retrieve
**Query:** Retrieve
**URL:** v1.0/deviceManagement/managedDevices/@UNIQUEID?$select=id,deviceName,azureADDeviceId,serialNumber,phoneNumber,complianceState,operatingSystem,osVersion,model,manufacturer,lastSyncDateTime,totalStorageSpaceInBytes,freeStorageSpaceInBytes,imei,iccid,wiFiMacAddress,ethernetMacAddress,enrolledDateTime,isEncrypted,isSupervised,subscriberCarrier,userPrincipalName,managedDeviceOwnerType,physicalMemoryInBytes
**Nested Objects Paged?** False
7. Complete the Resource Details
Resource Unique Identifier Field
**Field ID:** id
**Data Type:** String
Resource Display Field
**Field ID:** DeviceName
**Data Type:** String
Resource Last Modified Field
**Field ID:** lastsyncDateTime
**Data Type:** DateTime
8. Setup fields, Click the "New Fieldset" link
Fieldsets Details
**Fieldset id:** DeviceFields
**Type:** Relative
9. Add fields to the fieldset, Click the "+" to add a new Field
10. Click the "+" to repeat and add a new row for all fields you need to add to this fieldset
Fields Details
#### Field ID: id
Field Display: Device ID
Data Type: String
#### Field ID: deviceName
Field Display: Name
Data Type: String
#### Field ID: azureADDeviceID
Field Display: azureADDeviceID
Data Type: String
#### Field ID: SerialNumber
Field Display: Sertial No
Data Type: String
#### Field ID: PhoneNumber
Field Display: Phone Number
Data Type: String
#### Field ID: complianceState
Field Display: Compliance State
Data Type: String
#### Field ID: OperatingSystem
Field Display: OS
Data Type: String
#### Field ID: osVersion
Field Display: OS Version
Data Type: String
#### Field ID: model
Field Display: Model
Data Type: String
#### Field ID: manufacturer
Field Display: Manufacturer
Data Type: String
#### Field ID: lastSyncDateTime
Field Display: last Sync Date Time
Data Type: String
#### Field ID: totalstorageSpaceInBytes
Field Display: Total Storage in Bytes
Data Type: String
#### Field ID: freestorageSpaceInBytes
Field Display: Free Storage SpaceInBytes
Data Type: String
#### Field ID: imei
Field Display: IMEI
Data Type: Boolean
#### Field ID: iccid
Field Display: ICCID
Data Type: String
#### Field ID: wiFiMacAddress
Field Display: Wi-FI MAC
Data Type: String
#### Field ID: ethernetMacAddress
Field Display: Ethernet Mac Address
Data Type: String
#### Field ID: enrolledDateTime
Field Display: Enrolled Date Time
Data Type: String
#### Field ID: isEncrypted
Field Display: Encrypted
Data Type: String
#### Field ID: isSupervised
Field Display: Supervised
Data Type: String
#### Field ID: CompanyName
Field Display: CompanyName
Data Type: String
#### Field ID: SubscriberCarrier
Field Display: Subscriber Carrier
Data Type: String
#### Field ID: userPrincipalName
Field Display: Primary User
Data Type: String
#### Field ID: managedDeviceOwnerType
Field Display: Ownership
Data Type: String
#### Field ID: physicalMemoryBytes
Field Display: Physical Memory Bytes
Data Type: String
{% hint style="info" %}
**Link Settings**
This section is not applicable to the configuration. If you need more information about Link Settings, please contact Alemba Support for assistance.
{% endhint %}
11. Save your new Connector
12. Configure your Source
1. Navigate to System Admin>Integration>Sources
2. Click the Add icon to add a new source 
3. Select the Connector you just defined, in this example we called it "Connector Builder Test", but yours will likely be some version of *Microsoft\_InTune*, etc...
13. Complete the Source Properties.
Source Properties
**URL:** ;
**Test URL:** v1.0/deviceManagement/managedDevices
**Manage Token**:
* Tokenname: Your Client Intune Token
* Grant Type: client\_credentials
* Call back URL:
* Authorization URL: [https://login.microsoftonline.com/{Azure ](https://login.microsoftonline.com/%7BAzure)Tenant ID}/oauth2/v2.0/authorize
* Access Token URL: [https://login.microsoftonline.com/{Azure ](https://login.microsoftonline.com/%7BAzure)Tenant ID}/oauth2/v2.0/token
* Client ID: Value from the Azure App Registration
* Client Secret: The secret created for the App Registration
* Scope:
* State: Any secret value E.g. A complex password
14. [Map Your Fields Under **Resources** ](https://docs.alemba.com/asm/integrate/managing-integration/selecting-fields-for-mapping)
{% hint style="info" %}
Please note that there are several fields that bring back data as bytes including Total and Free Storage space in Microsoft Intune. If you wish to convert these to GB then you would need to use the transform function in ASM, for example: Math.Round(Convert.toDecimal(PhysicalMemoryinBytes)/1073741824,2)
{% endhint %}
15. [Set up the integration's **scheduled scan**](https://docs.alemba.com/asm/integrate/managing-integration/managing-the-federated-cmdb/managing-scheduled-integration-scans)
**Query:** All
**URL:** v1.0/deviceManagement/managedDevices?$top=@PAGESIZE
**Nested Objects:** value
**Paged?** True
**Starting Page No:** 0
**Page Size:** 500
**Next Page Property:** @odata.nextLink
**Query:** Search
**URL:** v1.0/deviceManagement/managedDevices?$filter=startswith(deviceName,'@SEARCHTEXT')&$top=@PAGESIZE
**Nested Objects:** value
**Paged?** True
**Starting Page No:** 0
**Page Size:** 500
**Next Page Property:** @odata.nextLink
**Query:** Retrieve
**URL:** v1.0/deviceManagement/managedDevices/@UNIQUEID?$select=id,deviceName,azureADDeviceId,serialNumber,phoneNumber,complianceState,operatingSystem,osVersion,model,manufacturer,lastSyncDateTime,totalStorageSpaceInBytes,freeStorageSpaceInBytes,imei,iccid,wiFiMacAddress,ethernetMacAddress,enrolledDateTime,isEncrypted,isSupervised,subscriberCarrier,userPrincipalName,managedDeviceOwnerType,physicalMemoryInBytes
**Nested Objects Paged?** False
