Intune Permissions

This is the list of required permissions for Microsoft Intune. It is not required to grant permissions for functions you do not use in SoftwareCentral.

There are two lists of permissions. One for when you authenticate as an application and one for when you authenticate as a user.

 

Authenticate as application

Sign in (Delegated permissions)

email

offline_access

openid

profile

 

Device Management (Application permissions)

Device.ReadWrite.All

BitlockerKey.Read.All

DeviceManagementConfiguration.ReadWrite.All

DeviceManagementManagedDevices.PrivilegedOperations.All

DeviceManagementManagedDevices.ReadWrite.All

 

Device Management (Delegated permissions)

DeviceManagementManagedDevices.Read.All

 

Application Deployment (Application permissions)

DeviceManagementApps.ReadWrite.All

Group.ReadWrite.All

Directory.ReadWrite.All

GroupMember.ReadWrite.All

 

 

Authenticate as user

Sign in (Delegated permissions)

email

offline_access

openid

profile

 

Device Management (Delegated permissions)

Device.Read

DeviceManagementManagedDevices.PriviligedOperation.All

DeviceManagementManagedDevices.ReadWrite.All

 

Application Deployment (Delegated permissions)

DeviceManagementApps.ReadWrite.All

Group.ReadWrite.All

Directory.ReadWrite.All

Directory.AccessAsUser.All

GroupMember.ReadWrite.All

 

See Also

 

 


© Copyright - SoftwareCentral

https://softwarecentral.cloud/help