Intune (Initial Setup)
Setting up Intune for the first time
Create a new Azure AD Application that can verify your Intune requests.
In your Azure Portal, go to App Registrations and create a new Registration.
You may name it Foxpass-Intune-Verification and select this option 'Accounts in this organizational directory only ( only - Single tenant)'.
Now, from the list in App Registrations, click on the newly created App. Go to the "Manifest" section, and update the "requiredResourceAccess" section to look like the below:
"requiredResourceAccess": [
{
"resourceAppId": "00000002-0000-0000-c000-000000000000",
"resourceAccess": [
{
"id": "3afa6a7d-9b1a-42eb-948e-1650a849e176",
"type": "Role"
}
]
},
{
"resourceAppId": "c161e42e-d4df-4a3d-9b42-e7a3c31f59d4",
"resourceAccess": [
{
"id": "39d724e8-6a34-4930-9a36-364082c35716",
"type": "Role"
}
]
}
],
Now, go to the "API permissions" section and click on 'Grant admin consent' button on the top of the Permissions page and click 'Yes'.
- Go to the 'Overview' section of your App and copy the Application (client) ID and Directory (tenant) ID.
- Go to the 'Certificates & secrets' section of your App and under 'Client secrets', click on the 'New client secret' button. Copy the secret value - this is your client's secret. Note - Make sure you copy the secret value and not the secret ID.
- Go to the Foxpass Console's SCEP page, click on Create SCEP endpoint.
- Name - Give a name to your endpoint.
- Verification type - User
- Authentication type = 'Azure'
- Azure Tenant ID - Paste the Tenant ID copied from Azure
- Azure Client ID - Paste the Client ID copied from Azure
- Azure app client secret - Paste the secret copied from Azure
- Click 'Create' button.
Updated 2 months ago