0
votes

I need to retrieve all devices in an AzureAD from a background-application which needs to run without user interaction.

My research so far has come up empty, with Graph API as the only option to get the actual data - but doesn't support non-interactive scenarios. :(

Question

Is there a way/API to get all devices in a non-interactive way?

Research

Graph API:

https://docs.microsoft.com/en-gb/graph/api/intune-devices-manageddevice-get?view=graph-rest-1.0


Does not support non-interactive scenarios, as confirmed in the above screenshot from the documentation and the below links:

https://microsoftintune.uservoice.com/forums/291681-ideas/suggestions/18474520-intune-graph-api-should-be-accessible-non-interact

https://social.technet.microsoft.com/Forums/en-US/1636481c-7101-43d4-9f60-e09cdd65b4b0/noninteractive-access-to-intune-api?forum=microsoftintuneprod

MS Graph API - ManagedDevices obtaining Scope

Azure AD Graph API

https://msdn.microsoft.com/Library/Azure/Ad/Graph/api/api-catalog

Not recommended by MS - and doesn't seem to have a way to get devices either.


1 Answer

1
votes

You can use the following "GET https://graph.microsoft.com/v1.0/devices". This call retrieves the list of device objects registered in the organization.

This call is supported in non-interactive scenarios as well. The application will need one of the following permissions.

Application : Device.Read.All, Directory.Read.All

You can also check all the operations available in MS Graph for a device object here.
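The non-interactive call described in the answer above, as an added example that is not part of the original answer: an OAuth 2.0 client credentials grant followed by a paged read of `/devices`. The tenant ID, client ID and secret are values from your own app registration (with one of the two application permissions admin-consented); the `http` parameter is a hypothetical injection point for testing, and the `roles` check assumes the Graph app-only token is a JWT, decoded here for inspection only.

```python
import base64, json, urllib.parse, urllib.request

TOKEN_URL = "https://login.microsoftonline.com/{tenant}/oauth2/v2.0/token"
GRAPH = "https://graph.microsoft.com/"
DEVICES_URL = GRAPH + "v1.0/devices"
ALLOWED_ROLES = {"Device.Read.All", "Directory.Read.All"}  # permissions named in the answer


def _http(url, data=None, headers=None):
    """Default transport: POST form data if given, else GET; returns parsed JSON."""
    body = urllib.parse.urlencode(data).encode() if data else None
    req = urllib.request.Request(url, data=body, headers=headers or {})
    with urllib.request.urlopen(req, timeout=30) as resp:
        return json.load(resp)


def token_roles(access_token):
    """Read the 'roles' claim of an app-only token (decoded, not verified)."""
    payload = access_token.split(".")[1]
    payload += "=" * (-len(payload) % 4)  # restore base64url padding
    return set(json.loads(base64.urlsafe_b64decode(payload)).get("roles", []))


def get_app_token(tenant, client_id, client_secret, http=_http):
    """Client credentials grant: no user and no browser involved."""
    form = {
        "grant_type": "client_credentials",
        "client_id": client_id,
        "client_secret": client_secret,
        "scope": "https://graph.microsoft.com/.default",
    }
    token = http(TOKEN_URL.format(tenant=tenant), data=form)["access_token"]
    if not token_roles(token) & ALLOWED_ROLES:
        raise PermissionError("token has neither Device.Read.All nor Directory.Read.All")
    return token


def list_devices(token, http=_http):
    """Follow @odata.nextLink until every page of /devices has been read."""
    devices, url = [], DEVICES_URL
    while url:
        if not url.startswith(GRAPH):  # never send the bearer token to another host
            raise ValueError("unexpected nextLink host: " + url)
        page = http(url, headers={"Authorization": "Bearer " + token})
        devices.extend(page.get("value", []))
        url = page.get("@odata.nextLink")
    return devices
```

Granting only Device.Read.All keeps the background application's reach narrower than Directory.Read.All, and the client secret belongs in a secret store rather than in source.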