Help Center
Go back to application
Help Center
Go back to application
Platform Terms GlossaryContacting Support and Reporting Bugs
Task Management
Task Management explained Creating Tasks Setting up Task NotificationsGiving permissions to team members
Organization
Working together in KertosInviting UsersCreating rolesAssigning System AccessCreating Departments and Assigning Users
Integrations
Discovery
Tasks
Device Management
Microsoft IntuneHardware Compliance Score Synckertos Device Monitor
Human Resource Information Systems
Inventory
Inventorization of vendorsInventorization of systemsInventorization of assetsEU AI Act: Inventorization of AI use cases
Risks
Managing risks
Trust Center
Setting up your trust center
Incidents
Reporting incidents
KAIA
KAIA explainedPrinciples of AI at Kertos
Interacting with KAIA
Compliance
Frameworks explainedManaging & implementing controlsCreating & managing policiesCompleting & assigning trainingsGuidanceDetermining Control Applicability
Privacy Management
Creating a RoPACreating TOMsCreating DPIAs
Data Subject Requests
API Reference
Ingress API Docs for DSRs Webhook API Docs for DSRs
Auto Checks
Auto Checks explainedAuto Checks: AWS Auto Checks: AzureAuto Checks: GCPAuto Checks: GitHubEnabling Auto Checks by Reconfiguring the Azure IntegrationEnabling Auto Checks by Reconfiguring the GCP IntegrationEnabling Auto Checks by Reconfiguring the AWS Integration
AWS Auto Checks Detailed Explanations
Azure Auto Checks Detailed Explanations
GitHub Auto Checks Detailed Explanations
Login and authentication
2FA Login

Microsoft Intune

Efficient asset management is a cornerstone of privacy and compliance operations. Our integration with Microsoft Intune enables seamless synchronization of managed assets into Kertos, saving time and ensuring your asset inventory is always accurate and up-to-date. This guide will walk you through the setup and management process for the Microsoft Intune integration.

Important:
You must have sufficient admin permissions in your Azure Active Directory (AAD) and Intune environment to complete this setup.
Without these permissions, you won’t be able to register an app, create client secrets, or grant API permissions.

How to Enable Intune Integration in Kertos

  • Go to the Integrations page in Kertos.
  • Click Setup in the Microsoft Intune Integration card.
  • You will be prompted to choose between two setup options:
  • SSO Login (automatic setup) — Kertos handles authentication and configuration for you.
  • Manual setup (least-privilege approach) — follow the detailed steps below.

Step 2: Register an Application in Azure

  • Sign in to the Azure Portal with your Intune admin account.
  • Navigate to App registrations or go directly to:
    https://portal.azure.com/#view/Microsoft_AAD_RegisteredApps/ApplicationsListBlade
  • Click New registration.
  • Complete the form:
  • Name: Kertos
  • Leave other fields as default.
  • Click Register.
  • After registration, copy the Application (client) ID from the Essentials box.
  • Paste it into the Application ID field in Kertos.
  • Copy the Directory (tenant) ID from the same section.
  • Paste it into the Tenant ID field in Kertos.

Step 3: Create a Client Secret

  • In the Azure app’s sidebar, click Certificates & secrets.
  • Under Client secrets, click New client secret.
  • Fill out the form:
  • Description: Kertos
  • Expires: 24 months
  • Click Add.
  • Copy the Value of the new client secret immediately.
  • Paste it into the Secret Value field in Kertos.

Step 4: Configure API Permissions

  • In the Azure app sidebar, select API permissions.
  • Click Add a permissionMicrosoft GraphApplication permissions.
  • Search for and enable the following permissions:
  • DeviceManagementManagedDevices.Read.All
  • DeviceManagementConfiguration.Read.All
  • Click Add permissions.
  • Then click Grant admin consent at the top to finalize permissions.

Step 5: Finalize Integration in Kertos

  • Return to the Kertos Integrations page.
  • Verify that all fields (Application ID, Tenant ID, Secret Value) are filled correctly.
  • Click Save to complete setup.
  • Once saved, choose whether to start a One-time run or enable Periodic runs.
  • One-time run: Executes a single discovery and asset sync.
  • Periodic run (recommended): Keeps your Intune asset inventory automatically synced on a daily basis.

Was this article helpful?

Powered by Product Fruits