deviceManagement resource type

Note: The Microsoft Graph API for Intune requires an active Intune license for the tenant.

The deviceManagement resource represents a container whose contents vary according to workflow, including:

  • Auditing events
  • Corporate terms and conditions
  • Device configuration settings
  • Device management
  • Endpoint protection
  • Enrollment profiles
  • Notifications
  • Onboarding policies, settings, and details
  • Role-based access control (RBAC) policies
  • Remote assistance partners
  • Telecom expanse management partners
  • Troubleshooting events
  • Windows Information Protection summaries


Method Return Type Description
Get deviceManagement deviceManagement Read properties and relationships of the deviceManagement object.
Update deviceManagement deviceManagement Update the properties of a deviceManagement object.
verifyWindowsEnrollmentAutoDiscovery function Boolean Not yet documented
getEffectivePermissions function rolePermission collection or string collection Retrieves the effective permissions of the currently authenticated user


Property Type Description
id String Unique Identifier for the device
Device configuration
settings deviceManagementSettings Account level settings.
Device management
subscriptionState String Tenant mobile device management subscription state. The possible values are: pending, active, warning, disabled, deleted, blocked, lockedOut.
intuneBrand intuneBrand intuneBrand contains data which is used in customizing the appearance of the Company Portal applications as well as the end user web portal.


Relationship Type Description
auditEvents auditEvent collection The Audit Events
Corporate terms and conditions
termsAndConditions termsAndConditions collection The terms and conditions associated with device management of the company.
Device configuration
deviceCompliancePolicies deviceCompliancePolicy collection The device compliance policies.
deviceCompliancePolicyDeviceStateSummary deviceCompliancePolicyDeviceStateSummary The device compliance state summary for this account.
deviceCompliancePolicySettingStateSummaries deviceCompliancePolicySettingStateSummary collection The summary states of compliance policy settings for this account.
deviceConfigurationDeviceStateSummaries deviceConfigurationDeviceStateSummary The device configuration device state summary for this account.
deviceConfigurations deviceConfiguration collection The device configurations.
iosUpdateStatuses iosUpdateDeviceStatus collection The IOS software update installation statuses for this account.
softwareUpdateStatusSummary softwareUpdateStatusSummary The software update status summary.
Device management
applePushNotificationCertificate applePushNotificationCertificate Apple push notification certificate.
detectedApps detectedApp collection The list of detected apps associated with a device.
managedDeviceOverview managedDeviceOverview Device overview
managedDevices managedDevice collection The list of managed devices.
importedWindowsAutopilotDeviceIdentities importedWindowsAutopilotDeviceIdentity collection Collection of imported Windows autopilot devices.
importedWindowsAutopilotDeviceIdentityUploads importedWindowsAutopilotDeviceIdentityUpload collection Collection of Windows autopilot devices upload.
notificationMessageTemplates notificationMessageTemplate collection The Notification Message Templates.
conditionalAccessSettings onPremisesConditionalAccessSettings The Exchange on premises conditional access settings. On premises conditional access will require devices to be both enrolled and compliant for mail access
deviceCategories deviceCategory collection The list of device categories with the tenant.
deviceEnrollmentConfigurations deviceEnrollmentConfiguration collection The list of device enrollment configurations
deviceManagementPartners deviceManagementPartner collection The list of Device Management Partners configured by the tenant.
exchangeConnectors deviceManagementExchangeConnector collection The list of Exchange Connectors configured by the tenant.
mobileThreatDefenseConnectors mobileThreatDefenseConnector collection The list of Mobile threat Defense connectors configured by the tenant.
resourceOperations resourceOperation collection The Resource Operations.
roleAssignments deviceAndAppManagementRoleAssignment collection The Role Assignments.
roleDefinitions roleDefinition collection The Role Definitions.
Remote assistance
remoteAssistancePartners remoteAssistancePartner collection The remote assist partners.
Telecom expense management
telecomExpenseManagementPartners telecomExpenseManagementPartner collection The telecom expense management partners.
troubleshootingEvents deviceManagementTroubleshootingEvent collection The list of troubleshooting events for the tenant.
Windows Information Protection
windowsInformationProtectionAppLearningSummaries windowsInformationProtectionAppLearningSummary collection The windows information protection app learning summaries.
windowsInformationProtectionNetworkLearningSummaries windowsInformationProtectionNetworkLearningSummary collection The windows information protection network learning summaries.

JSON Representation

Here is a JSON representation of the resource.

  "@odata.type": "#microsoft.graph.deviceManagement",
  "id": "String (identifier)",
  "intuneBrand": {"@odata.type": "microsoft.graph.intuneBrand"},
  "subscriptionState": "String",
  "settings": {"@odata.type": "microsoft.graph.deviceManagementSettings"}