Configure Service Graph Connector for Microsoft Intune using SGC Central

  • Release version: Washingtondc
  • Updated May 21, 2025
  • 3 minutes to read

    • Use the playbook available with the SGC Central application to set up the Service Graph Connector for Microsoft Intune for pulling in Microsoft Intune data into the CMDB.

    Before you begin

    Install Service Graph Connector for Microsoft Intune version 2.5.0 or later from the ServiceNow Store. For ServiceNow Store installation steps, see Install a ServiceNow Store application.
    Obtain the following information from your Microsoft Intune administrator:
    • Client ID
    • Client Secret
    • Token URL
    For the connector to access the data in Microsoft Intune, the credential information is required to use the Microsoft Graph API. Therefore, you must grant the following Graph API permissions from the App registrations page in the Microsoft portal:
    • DeviceManagementManagedDevices.Read.All (Type: Application)
    • DeviceManagementApps.Read.All (Type: Application)
    • User.Read.All (Type: Application)

    Role required: cmdb_inst_admin or admin

    About this task

    The playbook experience for onboarding connectors is activated with SGC Central in the CMDB Workspace. To configure the SGC Central application, see Configuring SGC Central and for more information on how to interact with a playbook, see Interact with Playbook.

    For more details on permissions, see Service Graph Connector for Microsoft Intune - Troubleshooting connection issues on ServiceNow Community and Microsoft Graph permissions reference on the Microsoft documentation site.

    Procedure

    1. Navigate to Workspaces > CMDB Workspace.
    2. In the CMDB Workspace, select SGC Central.
    3. On the Overview page, select Create connection.
      Tip:
      Alternatively, you can select Create connection on the All connections page.
    4. On the Create connection window, select the Microsoft Intune connector type and then select Create connection.
    5. Complete the initial prerequisites when setting up a connection for the first time using a connector.
      Note:
      This step is required only during the first-time setup. See Perform initial setup tasks when creating a connection in SGC Central.
    6. Enter connection details and test the API connection for importing Microsoft Intune data.
      1. In the Setup stage of the playbook, select the Create and test connection activity.
      2. On the form, fill in the fields.
        Table 1. Create and test connection form
        Field Description
        Connection Name Name to identify the Microsoft Intune connection record.

        For example, SG-Intune connection.
        Connection URL Base URL to connect to your Microsoft Intune application.
        Based on the region of your Microsoft Intune application, enter the connection URL in one of the following formats:
        • Global
          https://graph.microsoft.com
        • US Government
          https://graph.microsoft.us
        • China
          https://microsoftgraph.chinacloudapi.cn
        • Germany
          https://graph.cloudapi.de/
        OAuth Client ID Client ID of the Microsoft Intune application as noted in the Before you begin section.
        OAuth Client Secret Client secret of the Microsoft Intune application as noted in the Before you begin section.
        OAuth Token URL Callback URL for the Microsoft Intune application.
        Based on the region of your Microsoft Intune application, enter the token URL in one of the following formats:
        • Global
          https://login.microsoftonline.com/<tenantid>/oauth2/v2.0/token
        • US Government
          https://login.microsoftonline.us/<tenantid>/oauth2/v2.0/token
        • China
          https://login.partner.microsoftonline.cn/<tenantid>/oauth2/v2.0/token
        • Germany
          https://login.microsoftonline.de/<tenantid>/oauth2/v2.0/token
        Where <tenantid> is the tenant ID of your Microsoft Intune application.
        Use MID server Option to use the MID Server for connecting to the Microsoft Intune instance.
        Note:
        A MID Server is required only if a direct connection between the ServiceNow and Microsoft Intune instances isn’t possible.
        Mid Selection MID Server for the connection.

        This field appears only when you select the Use MID Server check box.
      3. Select Create and test connection.
      4. Once the connection test is complete, select Continue.
    7. Configure the import schedule to import data at regular intervals.
      1. In the Setup stage of the playbook, select the Configure import schedule activity.
      2. Expand the Parent scheduled data import within the Import schedules list to select the Connection Name-SG-Intune Devices import schedule.
      3. Select the Active check box, and then fill in the run schedule and time details.

        For more information, see Schedule a data import.

      4. Select Save.
        Alternatively, select Execute Now to execute the import schedule immediately.
      5. Select Continue.
    8. In the Setup stage of the playbook, select the Confirm connection setup activity to verify whether the connection was configured.

    What to do next

    Select View all connections to review the connection details. The configured connection appears in the Installed connections list.