Create an app registration in Entra
You must create an app registration in Entra that UEM can use to authenticate with Entra.
- Review the Prerequisites to support Intune app protection.
- In the UEM management console, on the menu bar, click Settings > External integration > Microsoft Intune. Record the value of the Reply URL. You will use this URL in step 3.
- Log in to the Entra portal.
- In the section for app registrations, add a new registration.
- Specify the following and complete the registration:
  - Type a name for the registration.
  - Select which account types can use the application or access the API.
  - For the redirect URI, click Mobile Client/Desktop and enter the Reply URL from the management console.
- Copy the application ID. This is the Client ID that you will register with UEM.
- In the section for managing API permissions, add a permission and select the following:
  - Microsoft Graph
  - Delegated permissions
- Set the following delegated permissions:
  - Read and write Microsoft Intune apps (DeviceManagementApps > DeviceManagementApps.ReadWrite.All)
  - Read all groups (Group > Group.Read.All)
  - Read all users' basic profile (User > User.ReadBasic.All)
- Grant administrator consent for all accounts in the current directory.
- In the section for managing certificates and secrets, add a new client secret and specify a description and duration.
- Copy the Value field of the new client secret (not the Secret ID). This is the Client key that you will register with UEM.
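
The following is an added example, not part of the original procedure or of any vendor tooling: a Python check that compares an exported app registration against the steps above (only the three delegated Graph permissions, the Reply URL as a Mobile Client/Desktop redirect URI, and an unexpired client secret). It assumes the application object has the shape returned by Microsoft Graph `GET /applications/{id}` and that scope IDs are resolved from the Graph service principal's `oauth2PermissionScopes`; the scope IDs, Reply URL, and dates in the sample are constructed placeholders.

```python
from datetime import datetime, timedelta, timezone

GRAPH_APP_ID = "00000003-0000-0000-c000-000000000046"  # Microsoft Graph resource app ID
REQUIRED = {"DeviceManagementApps.ReadWrite.All", "Group.Read.All", "User.ReadBasic.All"}

def audit_registration(app, graph_scopes, reply_url, now, warn_days=30):
    """Return a list of findings; an empty list means the registration matches the procedure."""
    findings = []
    names = {s["id"]: s["value"] for s in graph_scopes}  # scope ID -> scope name
    granted = set()
    for res in app.get("requiredResourceAccess", []):
        for perm in res["resourceAccess"]:
            if res["resourceAppId"] != GRAPH_APP_ID:
                findings.append(f"permission on unexpected API: {res['resourceAppId']}")
            elif perm["type"] != "Scope":  # "Role" means an application permission
                findings.append(f"application (not delegated) permission: {perm['id']}")
            else:
                granted.add(names.get(perm["id"], perm["id"]))
    findings += [f"missing delegated permission: {n}" for n in sorted(REQUIRED - granted)]
    findings += [f"extra delegated permission: {n}" for n in sorted(granted - REQUIRED)]
    if reply_url not in app.get("publicClient", {}).get("redirectUris", []):
        findings.append("Reply URL is not a Mobile Client/Desktop redirect URI")
    expiries = [datetime.fromisoformat(c["endDateTime"].replace("Z", "+00:00"))
                for c in app.get("passwordCredentials", [])]
    if not any(e > now for e in expiries):
        findings.append("no unexpired client secret")
    elif max(expiries) - now < timedelta(days=warn_days):
        findings.append(f"client secret expires within {warn_days} days")
    return findings

# Constructed sample data: scope IDs, URL and dates are placeholders, not real values.
SCOPES = [{"id": "scope-apps", "value": "DeviceManagementApps.ReadWrite.All"},
          {"id": "scope-group", "value": "Group.Read.All"},
          {"id": "scope-user", "value": "User.ReadBasic.All"},
          {"id": "scope-dir", "value": "Directory.ReadWrite.All"}]
REPLY_URL = "https://uem.example.test/reply"
NOW = datetime(2025, 1, 1, tzinfo=timezone.utc)
SAMPLE_APP = {
    "requiredResourceAccess": [{"resourceAppId": GRAPH_APP_ID, "resourceAccess": [
        {"id": "scope-apps", "type": "Scope"}, {"id": "scope-group", "type": "Scope"},
        {"id": "scope-dir", "type": "Scope"}]}],
    "publicClient": {"redirectUris": [REPLY_URL]},
    "passwordCredentials": [{"endDateTime": "2025-01-11T00:00:00Z"}],
}

if __name__ == "__main__":
    for finding in audit_registration(SAMPLE_APP, SCOPES, REPLY_URL, NOW):
        print(finding)
```

The sample registration is deliberately misconfigured, so the check reports a missing permission, an extra permission broader than the procedure calls for, and a client secret close to expiry.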