Does anyone know what happens to an enrolled InTune device if the device is deleted via the Microsoft Graph API? Does that wipe the managed data on the device and remove it from InTune?
I cannot seem to find any documentation that answers this question.
The instructions in your link are used to delete a Azure AD registered device, not used to delete the managed devices in Intune. So the answer for your question is "No", if you want to delete managed devices and wipe data in Intune using Microsoft Graph API, you should run the DELETE & POST requests as the followings:
POST https://graph.microsoft.com/beta/managedDevices/{id}/wipe
DELETE https://graph.microsoft.com/beta/managedDevices/{id}
For more details about the Intune Graph API, please refer to docs here.
If you "Delete" The managed device (enrolled device), it will remove the device from list All Devices.
And the most important, you can't manage the device again, for example if you use Windows Autopilot your device will be stuck - cannot login.
both Graph API or Direct from Azure AD give same result
Related
I'm trying to get a list of devices associated with my Microsoft account. When somebody uses his Microsoft account for logging in into his Windows account, he can see that in https://account.microsoft.com/devices/ appears a new device, from which he has logged in. So, I'd like to get this list using API. I've tried to send GET request to https://graph.microsoft.com/v1.0/devices as the Documentation says using my access token, but an empty list is returned although in https://account.microsoft.com/devices/ there are registered devices. What's the problem?
The /devices endpoint hasn't been released so it isn't available under /v1.0. It is only available under /beta.
You can find details on how to use /devices in the Beta documentation.
We are using the iOS Intune SDK to build a native MAM app. This app needs to access the Graph API to read the user profile and other data. What we did:
(1) We registered a app and gave the permissions: User.Read (for Graph and Windows Azure AD), DeviceManagementManagedApp.ReadWrite
Login and enrollment to Intune is working, the app gets enrolled. But, when trying to obtain the access token for the Graph API using the ADAL SDK I need to sign in again a then I am blocked with the message that the device needs to be managed to access this resource.
Do I need another permission? Where to I get the access token from? Is anything else missing?
From your description it appears you have a Conditional Access policy enabled that requires mobile devices are Intune MDM managed. When you call the Graph API from an unmanaged device it will ask you to enroll the device. If you remove the Conditional Access policy you should be able to confirm this.
I am using MDM to configure Email accounts on the devices using
Mail/Exchange ActiveSync payload.
I was wondering if there is a way where I can also configure OneDrive and DropBox accounts using MDM or Apple Configurator.
I know we can install the Apps but is there a way where I can add a specific account too?
Each application has different capabilities for being provisioned as it's being sent down to the device, therefore, there's no easy answer to this
However, firstly, I'd start with https://appconfig.org which is an initiative to getting developers to use the same format for Managed App Config. This also allows MDM vendors to "read" the Managed app config capabilities of an app, saving you the hassle of having to look this information up on the web
You'll struggle with Microsoft apps beyond VERY basic capabilities. However, for DropBox, there's some information here: Dropbox EMM support
We're trying to automate device creation using the Graph API.
What is our situation: We don't have intune. We use another 3rd party MDM solution and have a API there to extract information. We have Azure and we use conditional access to allow access to cloud ressources from managed and compliant devices only.
So far only Intune can report compliance status to Azure AD of a managed iOS device. So we were trying to automate ths process by creating devices in Azure AD using Graph API and stuck on the value to use for deviceID in the JSON (documentation).
The general UUID and UDID, what we can get from our MDM API are not working, so the device is not recognized because the deviceID read from the OneDrive App for example is not matching with UUID/UDID we extracted, during authentication in Azure as compliant/managed.
Can anyone help how to correctly generate/use the Create Device API in Graph to have the right deviceID so the device will be recognized correctly when accessing cloud resources?
It drives me crazy, please help.
I want to integrate QuickBooks Enterprise 2014 with my website.
I managed to create app via developer center.
I managed to sync data using Sync Manager.
I managed to see synced data i my appcenter account (company file).
I managed to implement OAuth authorization with QuickBooks connect button
I managed to use api explorer V3QBD (even though they say it's deprecated) to access synced data
now...
there is no option to choose desktop company file when authorizing... there is only a message saying I need QuickBooks Online subscription.
I don't want to subscribe to QBO, I want to access a company file synced via SyncManager.
Is it still possible ?
I read that you need to set your app to use desktop data source, but this option is not available anymore?
After one week of investigation I couldn't find answers to that, but one "you need to use web connector", is this true ?
please, confirm
thanks ahead
Unless you have been grandfathered in, you can not use sync manager and access QBD data through the API's. You will need to use the QBXML SDK and web connector for accessing desktop data.