Configure the Connection Between Jamf Pro and Microsoft Intune
To enable the connection between Microsoft Intune and Jamf Pro, you must configure configure both Microsoft Intune and Jamf Pro.
Configuring the connection between Jamf Pro and Microsoft Intune involves the following steps:
-
Create a new application for Jamf Pro in Microsoft Azure
-
Configure Microsoft Intune to allow the Jamf Pro integration
-
Configure Microsoft Intune Integration settings in Jamf Pro
Step 1: Create a new application for Jamf Pro in Microsoft Azure
-
Open Azure Active Directory, and navigate to App Registration.
-
Click +New application registration.
-
Enter the display name for the Jamf Pro application.
-
For the application type select Web app / API.
-
Specify the Sign-On URL for Jamf Pro.
-
Click Create application.
-
-
Select the newly created application and copy the Application ID field.
Note: The Application ID is required to configure the Compliance Connector in Intune and for configuring Microsoft Intune Integration settings in Jamf Pro. -
Navigate to Settings > API Access > Keys, and create a new Application Key. Once a new key has been created, copy the value for the Application Key.
Note: The Application Key is required to configure the Microsoft Intune Integration settings in Jamf Pro. The value for the Application Key is shown only once during Application Key creation.
If the Application Key expires, you must create a new Application Key in Microsoft Azure and then update the Microsoft Intune Integration configuration in Jamf Pro. Microsoft Azure allows you to have both the old key and new key active to prevent service disruptions. -
Navigate to Settings > API Access > Required Permissions.
-
Delete all permissions, including the default permissions.
-
Add a new required permission for the Microsoft Intune API, and then select the Send device attributes to Microsoft Intune checkbox. The application must only have one required permission.
-
Click Grant Permissions after saving the required permission for the application.
-
Step 2: Configure Microsoft Intune to allow the Jamf Pro integration
-
In the Microsoft Azure portal, navigate to Microsoft Intune > Device Compliance > Partner device management.
-
Enable the Compliance Connector for Jamf by pasting the Application ID into the Jamf Azure Active Directory App ID field.
-
Click Save.
Step 3: Configure Microsoft Intune Integration settings in Jamf Pro
-
In Jamf Pro, navigate to Settings > Global Management.
-
Click Microsoft Intune Integration, and then click Edit.
-
Select the Enable Microsoft Intune Integration checkbox.
When this setting is selected, Jamf Pro will send inventory updates to Microsoft Intune. Clear the selection if you want to disable the connection but save your configuration. -
Select the location of your Sovereign Cloud from Microsoft.
-
Click Open administrator consent URL, and follow the onscreen prompts to allow the Jamf Native macOS Connector app to be added to your Azure AD tenant.
-
Add the Azure AD Tenant Name from Microsoft Azure.
-
Add the Application ID and Key for the Jamf Pro application from Microsoft Azure.
-
Click Save.
Jamf Pro will test the configuration and report the success or failure of the connection.