|
<< Click to Display Table of Contents >> Raynet One Data Hub > 2026.2 > Connectors > Alphabetic Connector List > Microsoft Intune > Prerequisites API Permissions |
In order to use this connector, the following application permissions must be configured for the app registration in Microsoft Entra ID. These are the minimum required permissions following the principle of least privilege:
Permission |
Necessity |
Description |
|---|---|---|
DeviceManagementApps.Read.All |
optional |
Read Microsoft Intune apps. Required only when the option to retrieve apps installed on managed devices is enabled. |
DeviceManagementManagedDevices.Read.All |
mandatory |
Read Microsoft Intune managed devices. Device inventory data will be extracted. |
Group.Read.All |
mandatory |
Read all groups including group properties and memberships. Device group assignments will be extracted. |
User.Read.All |
mandatory |
Read all user profiles. Basic user data (name, mail, user principal name, etc.) will be extracted. |
These permissions must be configured as application permissions (not delegated permissions) in the app registration. Application permissions allow the connector to run without a signed-in user context.