Scribd
Upload
41 views5 pages

Microsoft Intune - Graph + PowerShell Integration

The document provides an overview of integrating Microsoft Intune with Graph API and PowerShell, explaining the role of APIs, specifically REST and Microsoft Graph, in accessing and modifying application data. It details the usage of Microsoft Graph Explorer for troubleshooting and executing API calls, as well as the syntax for making Graph API calls. Additionally, it outlines the steps for integrating PowerShell with Intune for automation of API calls, including authentication and commandlet usage.

Uploaded by

abhishek raikwar
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
41 views5 pages

Microsoft Intune - Graph + PowerShell Integration

The document provides an overview of integrating Microsoft Intune with Graph API and PowerShell, explaining the role of APIs, specifically REST and Microsoft Graph, in accessing and modifying application data. It details the usage of Microsoft Graph Explorer for troubleshooting and executing API calls, as well as the syntax for making Graph API calls. Additionally, it outlines the steps for integrating PowerShell with Intune for automation of API calls, including authentication and commandlet usage.

Uploaded by

abhishek raikwar
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd

Microsoft Intune : Graph Api + PowerShell | Integration

Understanding APIs and Microsoft Graph

• An API (Application Programming Interface) acts as a window in a wall that


separates users from data, enabling the exchange, viewing, and modification of
that data.

• REST (Representational State Transfer) is a protocol that Microsoft Graph uses


for API calls.

• Microsoft Graph functions as a layer or "fence" situated between applications


and services, facilitating REST API calls to access and modify application data by
leveraging Azure functionalities.

• To access data via Graph, authentication and authorization are required, which
involves obtaining a token from Azure.

• Data retrieved via Graph API calls is typically formatted as JSON (JavaScript
Object Notation).

• OData (Open Data Protocol) is used for querying data

Annectens Academy WhatsApp +9819177797


Microsoft Intune : Graph Api + PowerShell | Integration

HTTP Verbs for API Calls

• Different HTTP verbs (commands) are used to perform specific actions when
making API calls

HTTP Verb Purpose Status Code (Success)


GET Fetch/read data 200
POST Create New Information 201
PATCH Modify existing information 204
DELETE Remove Information Varies, often 200/204
PUT Replace or Create

Microsoft Graph Explorer: Purpose and Usage

• Microsoft Graph Explorer is a tool and medium for accessing and modifying
data within cloud-hosted applications like SharePoint, Exchange Online, and
Intune via their exposed APIs.

• It is primarily used for troubleshooting portal display issues (e.g., 404 errors or
incorrect data) by allowing direct database querying.

• Graph Explorer helps identify REST API calls made by the portal, which can then
be used for automation with other tools.

• Graph Explorer is designed specifically for the Ibiza console ([Link])


and cannot retrieve information for devices enrolled via the older Silverlight
console.

• All actions performed in the Ibiza console, whether reading or writing data,
trigger corresponding Graph REST API calls in the background.

Annectens Academy WhatsApp +9819177797


Microsoft Intune : Graph Api + PowerShell | Integration

Graph API Call Syntax

• The base URL for Graph API calls is [Link] which remains
constant.

• Two versions are available: v1.0 (recommended and stable) and beta (in preview
and subject to change).

• Calls follow a tree hierarchy, starting with a root resource


like deviceManagement for Microsoft Intune, then narrowing down to specific
devices or configurations.

• Query parameters like $select, $filter, and $orderby can be used to refine the
output, similar to Select-Object in PowerShell

Graph Explorer Console Operations

• Access the Graph Explorer console via [Link]/ge.

• Requires signing in and providing appropriate permissions (e.g., "devices"


permissions for Intune) via the "Modify Permissions" tab.

• The console allows users to select HTTP verbs, input the API URL, and execute
queries.

• For POST or PATCH requests, a request body in JSON format is used to send
data (e.g., policy settings), while GET requests have an empty request body.

• The response preview displays the returned data, typically in JSON format.

Intune Management Methods

• Intune can be managed through the Ibiza console, Microsoft Graph Explorer, or
Windows PowerShell, all of which ultimately rely on Graph REST API calls in the
backend.

Annectens Academy WhatsApp +9819177797


Microsoft Intune : Graph Api + PowerShell | Integration

Integrating Intune with Windows PowerShell

• PowerShell can be integrated with Intune for automation of multiple API calls.

• The integration process involves:

• Setting the PowerShell Execution Policy to Unrestricted.

• Installing the Intune Module from the GitHub repository.

• Installing the Azure AD Module.

• Authenticating and authorizing by connecting to MS Graph


using Connect-MSGraph to generate a token.

• This integration enables the use of specific Intune commandlets (e.g., Get-
IntuneManagedDevices) to manage Intune.

Integrating API with Windows PowerShell for Automation

• To integrate API calls with PowerShell, an AD Token (Auth Token) is required.

• This token is a JSON Web Token (JWT), which can be generated using specific
scripts found in GitHub repositories.

• The Invoke-RestMethod commandlet in PowerShell is used to make REST API


calls.

• It requires parameters such as URI (the API


endpoint), Headers (containing the Auth Token), Method (HTTP verb like
GET, POST, PATCH), and Body (for POST/PATCH requests, in JSON
format).

• PowerShell allows for automation by feeding URIs and data from sources like
CSV files to execute multiple API calls.

Annectens Academy WhatsApp +9819177797


Microsoft Intune : Graph Api + PowerShell | Integration

PowerShell API Work Flow

Annectens Academy WhatsApp +9819177797

You might also like