Microsoft Intune to JSM Assets

Owned by Girish Reddy
Last updated: Aug 23, 2024
2 min read

Here’s a demo video showing integration between Microsoft Intune and JSM Assets:

https://www.loom.com/share/1067e65526244ee890c9cb37360414d1

Please review instructions here to get started with setting up an Assets import configuration. You can then access OnLink app from the “Manage your apps” menu to further configure and set the field level mapping. Here’s an example configuration:

 

image-20240323-031909.png

 

 

 

 

  1. Set a descriptive name for this map

  2. Set source system to Microsoft Intune

  3. Asset Schema is pre-filled. This is the schema in JSM Assets on which you started the configuration.

  4. Select the Object Type within your schema.

  5. Select schedule frequency

  6. Attribute mapping - see below for more details.

 

Sample Intune Object Schema

 

image-20240323-032002.png

 

 

 

Here’s the associated mapping

key:id=id
map:userId=userId
map:userId=userIdRef|WorkerID=${userId}
map:deviceName=deviceName
map:deviceModel=deviceModel
map:operatingSystem=operatingSystem
map:complianceState=complianceState
map:managementAgent=managementAgent

 

Below is a detailed breakdown of each of the mapping items:

Key or Map

Description

Key or Map

Description

key:id=id

The keyword “key” refers to using id (from Intune) as a unique identifier. This allows OnLink to update the record.

map:userId=userId

Maps userId from Intune userId text attribute

map:emailAddress=JiraUser

The EmailAddress field containing email address of worker is mapped to JiraUser, which is an attribute of type “User”. Here OnLink looks-up the Atlassian User object based on the email address.

map:userId=userIdRef|WorkerID=${userId}

This maps userId from Intune to user object. WorkerID is the unique ID on the user object.

map:deviceModel=deviceModel

Maps deviceModel property from Intune. Any field (string, boolean, date) from Intune API can be used as the source field. Here’s the list of fields: managedDevice resource type - Microsoft Graph v1.0

Here are some common fields:

userId
complianceState
deviceName
deviceModel
enrolledDateTime
operatingSystem
jailBroken
osVersion
azureADRegistered
activationLockBypassCode
deviceCategoryDisplayName
isEncrypted
model
manufacturer
serialNumber
managedDeviceName
managementAgent

config:filter=deviceName eq null or deviceName eq ''

Optional parameter to add filter to list devices; any valid filter expression can be used here

config:data_limit=100

Optional parameter to limit the number of users to pull from Intune. This can be used for initial testing.

OnLink processes data in two steps - Get Data and Import Data. To manually test, you can click on Get Data first and then wait until you see “No more pending records. Data will be imported on next Import run.” message in Job Logs. Then, click on Import. Production runs are fully automated based on the schedule you choose.

Ensure the application you register in Azure AD has the below permissions.