Why do we need write permission(on Intune) for setting up the Service Graph connector for Microsoft Intune

Ashutosh32 · ‎08-31-2022

Hello,

We are using Service Graph connector for Microsoft Intune to pull data from the Microsoft Intune application into your ServiceNow instance. We are following the document to setup the connection and load the data. Before we start setting up the configuration, there is a pre-requisite that 'You need to have the Enable Access setting set to the DeviceManagementServiceConfig.ReadWrite.All. permissions to read and write the Microsoft Intune configuration.'

Does anyone know on the use case for having 'write' permission on Intune and if we can continue setting up the connection without having the write permission on Intune?

Here is the link to the document - https://docs.servicenow.com/bundle/sandiego-servicenow-platform/page/product/configuration-management/concept/cmdb-integration-intune.html

Thank you!

Ruchit · ‎09-22-2022

You dont need write permission to discoverIntune Devices. With read only access you can still discover CIs.

Rahul Priyadars · ‎09-22-2022

Servicenow has not explained in GA docs but seems intune graph API and Oauth toekn needs this from MS Intune perspective.

I found a KB which do not talk about same but there also its stated you need above permission.

https://support.servicenow.com/kb?id=kb_article_view&sysparm_article=KB0996780

Regards

RP