Preparation of your Intune tenant

To be able to communicate with Microsoft Intune via an external application such as the Packaging PowerBench, you must define an access point for the application, which you can then later address from within the application. This section describes the steps required to set up such an access point.

  • First, log in with an administrative account on your Azure portal at https://portal.azure.com and open the overview page of your Azure Active Directory. At this point, already make a note of the primary domain name from your client information.



  • Then select "App registrations" in the navigation area on the left side and click "New registration" afterwards.



  • Give the application registration a descriptive name and choose which account types you want to use and whether you want to set up a redirect URI. In this example, we'll leave the settings at the defaults. Then click "Register".



  • Now switch to the "API permissions" of the registered application and assign the required permissions for Intune App Management. To do this, click on "Add a permission".



  • On the next page, click the large "Microsoft Graph" button and then click "Application permissions".



  • Now mark the following permissions by checking the corresponding checkbox:
    • DeviceManagementApps
      • DeviceManagementApps.Read.All
      • DeviceManagementApps.ReadWrite.All

and then select "Add permissions".


  • In the following screen, as an Azure administrator, you must agree that users of your tenant who use the registered application have the required permissions. To do this, click "Grant admin consent for <your client name>". Confirm the following popup with "Yes".



  • Now switch to the "Certificates & secrets" area and create a new client secret. You can think of the secret as the password for access to the registered application interface.



  • Again, assign a descriptive name for the secret and select the validity period according to your requirements or internal specifications. Then click on "Add".



  • Now copy the generated secret key to the clipboard using the button marked in the screenshot and save it in a safe place, such as a password safe.

Note: If you leave the page without having copied the secret, you will not be able to access this key afterwards. You would then have to create another key.



  • Finally, go to the overview page of the registered app and make a note of the "Application ID" of the registered app.


You should now have the following information together, which you will need again in the next step - configuring Intune integration in the Packaging PowerBench:

  • Domain name of your tenant
  • Application ID of the registered application
  • Secret client key for accessing the app