Microsoft Intune Integration Guide
Connect Microsoft Intune to Adoptech to automatically import device compliance data and generate evidence for endpoint security controls.
Overview
The Microsoft Intune integration enables Adoptech to automatically collect device compliance information from your Microsoft Intune environment.
Once connected, Adoptech imports information about managed devices and their compliance status, helping organisations monitor endpoint security, device hardening and compliance with security policies.
This integration helps organisations:
- Monitor device compliance across Windows, macOS, iOS and Android devices
- Verify encryption and endpoint protection controls
- Evidence device hardening requirements
- Track compliance with corporate security policies
- Generate audit-ready evidence automatically
Prerequisites
Before configuring the integration, ensure you have:
- Microsoft Intune licensing enabled
- Global Administrator or Intune Administrator permissions
- Access to Microsoft Entra ID (Azure AD)
- Permission to register applications in Azure
What Data We Collect
Once connected, Adoptech retrieves read-only device compliance information including:
- Device inventory
- Device operating systems
- Compliance status
- Disk encryption status
- Anti-malware status
- Secure Boot status
- Device management status
- Jailbreak and root detection status
- Configuration compliance information
- Device security posture
Adoptech does not modify Intune settings or device configurations.
What We Use the Data For
The imported Intune data is used to:
- Monitor endpoint compliance
- Verify device security controls
- Support device hardening programmes
- Evidence patching and endpoint protection controls
- Generate compliance reports
- Support audit preparation activities
Example Controls Supported
The Microsoft Intune integration can provide evidence supporting:
ISO 27001:2022
- A.5.15 Access Control
- A.5.17 Authentication Information
- A.8.1 User Endpoint Devices
- A.8.7 Protection Against Malware
- A.8.8 Management of Technical Vulnerabilities
- A.8.24 Use of Cryptography
SOC 2
- CC6.1
- CC6.6
- CC7.1
- CC7.2
NIST 800-53
- AC-06 Least Privilege
- CM-06 Configuration Settings
- CM-07 Least Functionality
- SI-02 Flaw Remediation
- SI-03 Malicious Code Protection
- SC-28 Protection of Information at Rest
- CA-07 Continuous Monitoring
How do I configure Intune?
Go to https://portal.azure.com/ in your browser, sign in as an administrator, and then click the icon for Microsoft Entra ID.

From the left-hand side menu, choose Manage > App Registrations.
From the top menu, select New registration.

Enter a name for the application. You can choose any name, but we recommend that you call it Adoptech Intune for clarity. Set Supported account types to Single tenant, then click Register.

Now take a copy of the Application (client) ID and the Directory (tenant) ID. If you hover your pointer over the string, you'll get a Copy to clipboard icon. You will need these strings later to connect the Adoptech Portal to Azure. You should store these in a secure place, such as in your password manager. Then click Certificates and secrets.

Click New client secret. Enter Adoptech in the Description field and choose 730 days (24 months) in the Expires dropdown. Then click Add.

Make a note of the string in the Value field. This is your client secret, and it should be stored in a secure place, such as your password manager.
From the left-hand side menu, choose API permissions. Then click Add a permission. Now click on Microsoft Graph (not Intune) in the right-hand pop-up window.
Then choose Application permissions. In the Select permissions box, enter ManagedDevices. Expand the Directory dropdown and enable the checkbox labelled DeviceManagementManagedDevices.Read.All. This gives the Adoptech Portal permission to read your company devices' compliance data, but not to configure the devices.
Finally, click Add permissions.

Now click Grant admin consent and confirm in the following pop-up box by selecting Yes.
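
To confirm that the registration carries only the read permission granted above, you can inspect the roles claim of a token issued to it. The following is an added example, not Adoptech's or Microsoft's code: it audits decoded token claims against the expected permission. It assumes the standard Entra ID client-credentials token endpoint and the tid, appid/azp and roles claims; the tenant ID, client ID and sample tokens are constructed so the check runs offline.

```python
import base64, json, urllib.parse, urllib.request

# The single application permission granted in the steps above.
EXPECTED_ROLES = {"DeviceManagementManagedDevices.Read.All"}

def request_token(tenant_id, client_id, client_secret):
    """Client-credentials request to Entra ID (needs network; the demo does not call it)."""
    url = f"https://login.microsoftonline.com/{tenant_id}/oauth2/v2.0/token"
    body = urllib.parse.urlencode({
        "grant_type": "client_credentials", "client_id": client_id,
        "client_secret": client_secret, "scope": "https://graph.microsoft.com/.default",
    }).encode()
    with urllib.request.urlopen(url, data=body, timeout=30) as resp:
        return json.load(resp)["access_token"]

def token_claims(token):
    """Decode the JWT payload for inspection only; the signature is NOT verified."""
    payload = token.split(".")[1]
    payload += "=" * (-len(payload) % 4)  # restore stripped base64url padding
    return json.loads(base64.urlsafe_b64decode(payload))

def audit_claims(claims, tenant_id, client_id):
    """Return findings; an empty list means the grant matches the guide."""
    findings = []
    roles = set(claims.get("roles", []))
    if claims.get("tid") != tenant_id:
        findings.append("token issued by unexpected tenant")
    if client_id not in (claims.get("appid"), claims.get("azp")):
        findings.append("token issued to unexpected application")
    for missing in sorted(EXPECTED_ROLES - roles):
        findings.append(f"missing permission: {missing} (admin consent not granted?)")
    for extra in sorted(roles - EXPECTED_ROLES):
        findings.append(f"excess permission: {extra}")
    return findings

def make_sample_token(claims):
    """Build an unsigned, constructed token so the demo runs offline."""
    enc = lambda o: base64.urlsafe_b64encode(json.dumps(o).encode()).rstrip(b"=").decode()
    return ".".join([enc({"alg": "none"}), enc(claims), "constructed"])

# Constructed sample identifiers, not real tenant or application IDs.
TENANT, CLIENT = "11111111-1111-1111-1111-111111111111", "22222222-2222-2222-2222-222222222222"
GOOD = make_sample_token({"tid": TENANT, "appid": CLIENT, "roles": sorted(EXPECTED_ROLES)})
WIDE = make_sample_token({"tid": TENANT, "appid": CLIENT, "roles": [
    "DeviceManagementManagedDevices.Read.All", "DeviceManagementManagedDevices.ReadWrite.All"]})

if __name__ == "__main__":
    for name, tok in (("good", GOOD), ("wide", WIDE)):
        print(name, audit_claims(token_claims(tok), TENANT, CLIENT) or "OK")
```

Against a live tenant, pass the result of request_token() to token_claims() and audit_claims() with your own tenant and client IDs.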

How do I configure Adoptech?
Now open the Adoptech Portal (https://portal.adoptech.co.uk/) in your browser, click Apps & Integrations on the left-hand side menu and find the Intune card in the list of integrations. 
Press the Get started and Connect button.
Now enter the credentials: paste in the three strings that you saved from your earlier steps on Azure (the Application (client) ID, the Directory (tenant) ID and the client secret), and click Connect.

You will be presented with a list of tests you can now switch on.

Security & Data Privacy
The Microsoft Intune integration uses read-only access.
Adoptech:
- Cannot modify Intune policies
- Cannot enrol or remove devices
- Cannot push configurations
- Cannot perform device actions
All collected information is encrypted in transit and at rest.
Need Help? Contact support@adoptech.co.uk or open a chat