Status: Available (sub-feature of Azure AD integration)
Prerequisite: Azure AD integration must be connected first
License required: Microsoft Intune (included in M365 Business Premium, E3, E5)
Syncs: Managed devices, compliance policies, configuration profiles
Prerequisite: Azure AD integration must be connected first
License required: Microsoft Intune (included in M365 Business Premium, E3, E5)
Syncs: Managed devices, compliance policies, configuration profiles
Prerequisites
Intune data is synced as part of the Azure AD integration. The required permissions are already included in the Azure AD setup:DeviceManagementManagedDevices.Read.AllDeviceManagementConfiguration.Read.All
Verify Intune Permissions Are Granted
- Go to portal.azure.com → App registrations → SecurAtlas Integration
- Click API permissions
- Confirm these two permissions show Granted status:
DeviceManagementManagedDevices.Read.AllDeviceManagementConfiguration.Read.All
What Gets Synced
| Entity | Data |
|---|---|
| Managed devices | Device name, OS, compliance state, last sync time |
| Compliance policies | Policy name, assigned groups, settings |
| Configuration profiles | Profile name, deployment status |
| App protection policies | MAM policies and protected apps |
Troubleshooting
No Intune devices showing after sync
No Intune devices showing after sync
Confirm the tenant has active Intune licenses and at least one device enrolled. Check that DeviceManagementManagedDevices.Read.All is granted in the app registration.
Compliance status shows as unknown
Compliance status shows as unknown
The device may not have checked in recently. Intune compliance state requires the device to sync with Intune within the compliance policy check-in window (default 8 hours).