Integrate with Microsoft Intune - Scripted Data Retrieval

Kieran Anson
Kilo Patron

‎12-11-2021 11:03 PM - edited ‎07-20-2025 12:09 PM

< Previous Article    Next Article >
Authenticating with Azure // Microsoft Graph API   IntegrationHub Data Retrieval

Introduction

The great thing about ServiceNow is that there are n+1 ways of doing something which allows for creative solutions. The risk and consideration with scripting is ensuring instance performance isn't harmed by creating poor performing code. This scripted approach provides the framework for retrieving information from Microsoft Graph, but isn't designed to be production-ready. If you have any questions please feel free to leave them in the comments section below and I'll be more than happy to advise.

Outbound REST Message

To group all our Intune queries in one location and simplify management, an Outbound REST message record is created which will avoid needing to write large unwieldy scripts.

  • From the application navigator, search for REST Message and create a new record
  • Name the new record something succinct as this name will be used in scripts
  • Set the endpoint to https://graph.microsoft.com/
  • Set the authentication method to OAuth 2.0 and the profile we created in the previous article.
  • Save the record

For this example, we're going to focus on retrieving only computer devices from Intune using a filter on the API query.

  • Create a HTTP method via the related list
  • Set the name to GET Computing Devices
  • Set the endpoint to https://graph.microsoft.com/beta/deviceManagement/managedDevices
  • Save the record
  • To test, we're going to add ?$top=5 to the end of the endpoint to limit the results returned. Use the Test UI action to retrieve the data. If all is setup correctly, you'll receive a 200 HTTP code and a response body of records.

Staging Table

Now to simplify the process for you, we're going to do a bit of SN trickery to save us some time with the setup process and avoid this article becoming a novel. Effectively, we need to create an import set table that has a single JSON column to hold each managedDevice object ready for transforming. Now, for whatever reason, ServiceNow has disabled the option for us to select JSON columns as a type and requires a fix script to run to allow the option. Rather than modifying system records and putting you in uncomfortable territory, we can get ServiceNow to do it for us.

  • Create a new data source record, accessible under System Import Sets
  • Set the name and import set label to Intune Computer Device Imp
  • Set the type to file and format to JSON
  • In the path field enter /results/results
  • Ensure the Data in single column is selected
  • Save the record
  • Open notepad on your PC (or any simple text editor) and create a JSON file type with the below content:
{ "results" : [{} , {} ] }
  • Upload the JSON file to the data source record using the attachment paper clip icon.
  • Use the Load All Records UI Action to generate the table

Create Script Include

Now, finally for some scripting. We need to retrieve the data, load the data into the import table, retrieve more data if available, and finally run the transformation.

  • Download the attached script include and import it into your instance by navigating the Script Include table and right clicking one of the headers. Select Import XML and upload the file.
  • Navigate to the newly inserted IntuneUtils script include.
  • Modify line 32 from Intune Graph API - READ to the name of the Outbound REST Message you created as part of the first step in this article.
  • This script include provides you with the boilerplate of retrieving data and inserting it into the import set table. It's not intended to be error-proof but to provide you with the basics.
  • Run the utility using scripts background and new IntuneUtils("import_table" , "data_source_name" , "odata_filter").run(); replacing the paramters with relevant information.
  • You should now see rows in your import set table that are ready to be transformed!

 

 

 

Preview file
5 KB
  • 4,139 Views
Comments
Luiz Lucena
Mega Sage
‎01-10-2022 02:48 PM

Hi Kieran, 

First of all, thanks for the article!

We already have the Import Set, the REST message in place and we are importing some devices into ServiceNow. 
However, we are retrieving only 1000 devices per job run. 

I'm thinking of importing your script include to allow us to import more devices. 
What do you think?

Kieran Anson
Kilo Patron
‎01-10-2022 05:02 PM

Hiya @Luiz Lucena ,

You'll be hitting the 1k limit per request so my script include will help to run the import recursively, leveraging the nextLink value in the payload.

 

The attached script include uses the getRESTMessage as the entry/calling point, if the response body has a nextLink value, it'll call itself with that value to get the next payload. This process will loop until all the records are retrieved 

phil50
Tera Contributor
‎04-11-2023 11:11 AM

When using the Intune Service Graph Connector v2.2.1 we need to leverage a new field "lastSyncDateTime" and only import those records that were last synced in the last 24 hours.  We were attempting to leverage the Before Script.  However, I am not sure I have the correct syntax.

 

Anyone know how to writ this code, or see a preview of the Import Set to ensure we are using the proper field?

 

Currently using to verify if it is working.  This code is checking the osVersion:

 

(function(input, runId) {

// Add your code here
for (var i = 0; i < payload.items.length; i++)
if (payload.items[i].values.osversion('10.0.19045.2728'))
input[i].status = 'SKIPPED';
input[i].reason = 'Skipping IRE processing of this payload.';

 

})(input, runId);

0 Helpfuls
vbilgin
Tera Contributor
‎05-14-2023 03:57 PM

Hi Kieran, thank you for this article! It's been super helpful. Everything is working as expected except that the script isn't pulling more than 1k endpoints when run. I'm seeing the following error in the output that seems to be referring to line 85 of the script but I'm not sure what the specific issue is. Is there any chance you're familiar with this issue?

 

Evaluator: com.glide.script.RhinoEcmaError: Cannot convert null to an object.
script : Line(85) column(0)

0 Helpfuls
Nathan Okh
Mega Sage
‎08-23-2023 03:41 PM

Hi @Kieran Anson! this has been super helpful. 

However, I'm getting an error when running the last step Scripts - Background. I think I set up everything accordingly. 

1. I have a good connection. 200 (OUTBOUNDS REST)

2. I uploaded the script and modified it accordingly. (SCRIPT INCLUDE)

2a. is there another line to modify other than line 32? (which was line 23 for me)...

NathanOkh_2-1692830383119.png

 



3. I've setup the Data Source and uploaded the json file:(STAGING)

NathanOkh_0-1692830016544.png

 



3. I am trying to run the Script - Background you noted and I'm getting this error:

NathanOkh_1-1692830038732.png

 


Can you help me?

adaomoji
Tera Contributor
‎11-12-2023 03:33 PM

Hello @Kieran Anson , 

 

Thank you so much for this series on Microsoft Intune!

 

I have been following the steps in your articles and am stuck on the Outbound REST message. When I test the HTTP method, I get the below error. Even when I add '$top=5' to the endpoint. I believe my OAuth2 info is correct because I am always able to get a token. I also get a 400 response when I test the connection in the Service Graph Connector for Intune guided setup, so I can not move on.  Do you have any ideas? 

 

adaomoji_0-1699831845802.png

 

0 Helpfuls
Version history
Last update:
‎07-20-2025 12:09 PM
Updated by:
Contributors