Set up the Microsoft Intune spoke

  • Rversion finale: Australia
  • Mis à jour 12 mars 2026
  • 3 minutes de lecture

    • Integrate your ServiceNow instance with the Microsoft Intune account by creating a custom OAuth application in Microsoft Intune.

    Avant de commencer

    • Request an Integration Hub subscription.
    • Activate the Microsoft Intune plugin.
    • Role required: admin.

    Register OAuth application using the Microsoft Azure portal

    Provide authorization to the ServiceNow instance by registering an application on Microsoft Entra ID.

    Avant de commencer

    Role required: Azure Active Directory admin

    Pourquoi et quand exécuter cette tâche

    Complete these steps from the Microsoft Azure portal.

    Procédure

    1. Log in to the Microsoft Azure portal.
      For instructions on registering an application, see Tutorial: Register an app with Azure Active Directory in the Microsoft Azure documentation.
    2. In the Azure portal, add the Redirect URIs.
      The Redirect URI should be in the format https://<instance-name>.service-now.com/oauth_redirect.do. For more information, see Authentication and authorization for Azure Time Series Insights API.
    3. For the Required Permissions, ensure that you provide these permissions:
      API permissions
      Depending on your requirement, the permissions can be of the type, Application, or Delegated. For more information, see Quickstart: Configure a client application to access a web API in Microsoft Docs.
    4. In the Azure portal, create a client secret.
      For more information, see Option 2: Create a new application secret.
    5. Copy the client secret for later reference.

    Résultats

    The ServiceNow application is created with Microsoft Azure AD.

    Register Microsoft Intune as an OAuth provider

    Use the information generated during the application configuration in Microsoft Azure portal to register Microsoft Intune as the OAuth provider so that the ServiceNow instance can request OAuth 2.0 tokens.

    Avant de commencer

    Role required: admin

    Procédure

    1. Navigate to All > System OAuth > Application Registry.
    2. Open for the record, Microsoft Intune.
    3. On the form, fill these values.
      Tableau 1. Application Registries form
      Field Description
      Client ID Application ID created during application registration.
      Client Secret Client secret created during application registration.
      Active Option to actively use the application registry.
      Authorization URL OAuth authorization code endpoint. Enter https://login.microsoftonline.com/<Directory-ID>/oauth2/v2.0/authorize.
      Token URL OAuth server token endpoint. Enter https://login.microsoftonline.com/<Directory-ID>/oauth2/v2.0/token.
      Token Revocation URL OAuth server token revocation endpoint.
      Redirect URL OAuth callback endpoint. Enter https://<instance-name>.service-now.com/oauth_redirect.do.
    4. Right-click the form header, and click Save.

    Create a credential record for the Microsoft Intune spoke

    Authorize the Microsoft Intune spoke actions by creating credential records for the application registered in the Microsoft Azure portal. The Microsoft Intune connection and credential alias uses these credentials to authorize actions.

    Avant de commencer

    Role required: admin.

    Procédure

    1. Navigate to All > Connections & Credentials > Credentials.
    2. Click New.

      The system displays this message: What type of Credentials would you like to create?

    3. Select OAuth 2.0 Credentials.
    4. On the form, fill in the fields.
      Tableau 2. OAuth 2.0 Credentials form
      Field Description
      Name Name to uniquely identify the record. For example, MS Intune Cred.
      Active Option to actively use the credential record.
      OAuth Entity Profile OAuth profile created during the registration of Microsoft Intune as an OAuth provider. For example, Microsoft Intune default_profile.
    5. Right-click the form header and click Submit.
    6. To generate the OAuth token, click the Get OAuth Token related link.

    Create a connection record for the Microsoft Intune spoke

    Perform actions in Microsoft Intune by creating connection records for your Microsoft Intune account. The Microsoft Intune connection and credential alias uses these connections to perform actions.

    Avant de commencer

    Role required: admin.

    Procédure

    1. Navigate to All > Connections & Credentials > Connections & Credentials Aliases.
    2. Open the alias record, Microsoft_Intune.
    3. From the Connections tab, click New.
    4. On the form, fill in the fields.
      Tableau 3. HTTP(s) Connection form
      Field Description
      Name Name to uniquely identify the record. For example, MS Intune Connection.
      Credential Credential record created for Microsoft Intune spoke. For example, MS Intune Cred.
      Connection alias Alias record associated with this connection.
      URL builder
      Remarque :
      Do not select the check box.
      Connection URL Connection URL. Enter https://graph.microsoft.com.
      Active Option to actively use the connection.
      Domain Domain that the action or activity runs in.
    5. In the Attributes tab, specify v1.0 for u_version.
    6. Click Submit.

    Résultats

    The Microsoft Intune spoke is set up and Microsoft Intune is integrated with the ServiceNow instance.