deviceManagement resource type
Namespace: microsoft.graph
Important: Microsoft Graph APIs under the /beta version are subject to change; production use is not supported.
Note: The Microsoft Graph API for Intune requires an active Intune license for the tenant.
The deviceManagement resource represents a container whose contents vary according to workflow, including:
Android for Work settings
Auditing events
Corporate terms and conditions
Corporate enrollment profiles
Device configuration settings
Device intent settings
Device management
Electronic SIM (ESIM)
Group Policy Analytics
Notifications
Onboarding policies, settings, and details
Policy Set
Resource Access Policy
Remote access
Remote assistance partners
Role-based access control (RBAC) policies
Reporting
Troubleshooting events
Windows Information Protection summaries
Methods
| Method | Return Type | Description |
|---|---|---|
| Get deviceManagement | Read properties and relationships of the deviceManagement object. | |
| Update deviceManagement | Update the properties of a deviceManagement object. | |
| Device configuration | ||
| enableLegacyPcManagement action | None | Not yet documented |
| Device management | ||
| sendCustomNotificationToCompanyPortal action | None | Not yet documented |
| Onboarding | ||
| verifyWindowsEnrollmentAutoDiscovery function | Boolean | Not yet documented |
| Role based access control (RBAC) | ||
| getEffectivePermissions function | rolePermission collection | Retrieves the effective permissions of the currently authenticated user |
| getRoleScopeTagsByIds function | roleScopeTag collection | Not yet documented |
| getRoleScopeTagsByResource function | roleScopeTag collection | Not yet documented |
Properties
| Property | Type | Description |
|---|---|---|
| id | String | Unique identifier associated with the device. |
| Device configuration | ||
| intuneAccountId | Guid | Intune Account ID for given tenant |
| legacyPcManangementEnabled | Boolean | The property to enable Non-MDM managed legacy PC management for this account. This property is read-only. |
| maximumDepTokens | Int32 | Maximum number of DEP tokens allowed per-tenant. |
| settings | deviceManagementSettings | Account level settings. |
| Device management | ||
| accountMoveCompletionDateTime | DateTimeOffset | The date & time when tenant data moved between scaleunits. |
| adminConsent | adminConsent | Admin consent information. |
| deviceProtectionOverview | deviceProtectionOverview | Device protection overview. |
| managedDeviceCleanupSettings | managedDeviceCleanupSettings | Device cleanup rule |
| subscriptionState | deviceManagementSubscriptionState | Tenant mobile device management subscription state. Possible values are: pending, active, warning, disabled, deleted, blocked, lockedOut. |
| subscriptions | deviceManagementSubscriptions | Tenant's Subscription. Possible values are: none, intune, office365, intunePremium, intune_EDU, intune_SMB. |
| windowsMalwareOverview | windowsMalwareOverview | Malware overview for windows devices. |
| Group Policy Analytics | ||
| groupPolicyObjectFiles | groupPolicyObjectFile collection | A list of Group Policy Object files uploaded. |
| Onboarding | ||
| intuneBrand | intuneBrand | intuneBrand contains data which is used in customizing the appearance of the Company Portal applications as well as the end user web portal. |
| Odj | ||
| domainJoinConnectors | deviceManagementDomainJoinConnector collection | A list of connector objects. |
Relationships
| Relationship | Type | Description |
|---|---|---|
| Android for Work | ||
| androidDeviceOwnerEnrollmentProfiles | androidDeviceOwnerEnrollmentProfile collection | Android device owner enrollment profile entities. |
| androidForWorkAppConfigurationSchemas | androidForWorkAppConfigurationSchema collection | Android for Work app configuration schema entities. |
| androidForWorkEnrollmentProfiles | androidForWorkEnrollmentProfile collection | Android for Work enrollment profile entities. |
| androidForWorkSettings | androidForWorkSettings | The singleton Android for Work settings entity. |
| androidManagedStoreAccountEnterpriseSettings | androidManagedStoreAccountEnterpriseSettings | The singleton Android managed store account enterprise settings entity. |
| androidManagedStoreAppConfigurationSchemas | androidManagedStoreAppConfigurationSchema collection | Android Enterprise app configuration schema entities. |
| Auditing | ||
| auditEvents | auditEvent collection | The Audit Events |
| Company terms | ||
| termsAndConditions | termsAndConditions collection | The terms and conditions associated with device management of the company. |
| Configuration Policies | ||
| configurationPolicies | deviceManagementConfigurationPolicy collection | List of all Configuration policies |
| configurationSettings | deviceManagementConfigurationSettingDefinition collection | List of all ConfigurationSettings |
| configurationCategories | deviceManagementConfigurationCategory collection | List of all Configuration Categories |
| Corporate enrollment | ||
| enrollmentProfiles | enrollmentProfile collection | The enrollment profiles. |
| importedAppleDeviceIdentities | importedAppleDeviceIdentity collection | The imported Apple device identities. |
| importedDeviceIdentities | importedDeviceIdentity collection | The imported device identities. |
| Device configuration | ||
| advancedThreatProtectionOnboardingStateSummary | advancedThreatProtectionOnboardingStateSummary | The summary state of ATP onboarding state for this account. |
| cartToClassAssociations | cartToClassAssociation collection | The Cart To Class Associations. |
| deviceCompliancePolicies | deviceCompliancePolicy collection | The device compliance policies. |
| deviceCompliancePolicyDeviceStateSummary | deviceCompliancePolicyDeviceStateSummary | The device compliance state summary for this account. |
| deviceCompliancePolicySettingStateSummaries | deviceCompliancePolicySettingStateSummary collection | The summary states of compliance policy settings for this account. |
| deviceConfigurationConflictSummary | deviceConfigurationConflictSummary collection | Summary of policies in conflict state for this account. |
| deviceConfigurationDeviceStateSummaries | deviceConfigurationDeviceStateSummary | The device configuration device state summary for this account. |
| deviceConfigurationRestrictedAppsViolations | restrictedAppsViolation collection | Restricted apps violations for this account. |
| deviceConfigurations | deviceConfiguration collection | The device configurations. |
| deviceConfigurationUserStateSummaries | deviceConfigurationUserStateSummary | The device configuration user state summary for this account. |
| iosUpdateStatuses | iosUpdateDeviceStatus collection | The IOS software update installation statuses for this account. |
| ndesConnectors | ndesConnector collection | The collection of Ndes connectors for this account. |
| softwareUpdateStatusSummary | softwareUpdateStatusSummary | The software update status summary. |
| Device intent | ||
| intents | deviceManagementIntent collection | The device management intents |
| settingDefinitions | deviceManagementSettingDefinition collection | The device management intent setting definitions |
| templates | deviceManagementTemplate collection | The available templates |
| categories | deviceManagementSettingCategory collection | The available categories |
| Device management | ||
| applePushNotificationCertificate | applePushNotificationCertificate | Apple push notification certificate. |
| dataSharingConsents | dataSharingConsent collection | Data sharing consents. |
| detectedApps | detectedApp collection | The list of detected apps associated with a device. |
| deviceManagementScripts | deviceManagementScript collection | The list of device management scripts associated with the tenant. |
| deviceShellScripts | deviceShellScript collection | The list of device shell scripts associated with the tenant. |
| deviceHealthScripts | deviceHealthScript collection | The list of device health scripts associated with the tenant. |
| managedDeviceOverview | managedDeviceOverview | Device overview |
| managedDevices | managedDevice collection | The list of managed devices. |
| remoteActionAudits | remoteActionAudit collection | The list of device remote action audits with the tenant. |
| windowsMalwareInformation | windowsMalwareInformation collection | The list of affected malware in the tenant. |
| mobileAppTroubleshootingEvents | mobileAppTroubleshootingEvent collection | The collection property of MobileAppTroubleshootingEvent. |
| userExperienceAnalyticsOverview | userExperienceAnalyticsOverview | User experience analytics overview |
| userExperienceAnalyticsBaselines | userExperienceAnalyticsBaseline collection | User experience analytics baselines |
| userExperienceAnalyticsCategories | userExperienceAnalyticsCategory collection | User experience analytics categories |
| userExperienceAnalyticsDevicePerformance | userExperienceAnalyticsDevicePerformance collection | User experience analytics device performance |
| userExperienceAnalyticsRegressionSummary | userExperienceAnalyticsRegressionSummary | User experience analytics regression summary |
| userExperienceAnalyticsDeviceStartupHistory | userExperienceAnalyticsDeviceStartupHistory collection | User experience analytics device Startup History |
| userExperienceAnalyticsDeviceStartupProcesses | userExperienceAnalyticsDeviceStartupProcess collection | User experience analytics device Startup Processes |
| userExperienceAnalyticsDeviceStartupProcessPerformance | userExperienceAnalyticsDeviceStartupProcessPerformance collection | User experience analytics device Startup Process Performance |
| Enrollment | ||
| depOnboardingSettings | depOnboardingSetting collection | This collections of multiple DEP tokens per-tenant. |
| importedDeviceIdentities | importedDeviceIdentity collection | The imported device identities. |
| importedWindowsAutopilotDeviceIdentities | importedWindowsAutopilotDeviceIdentity collection | Collection of imported Windows autopilot devices. |
| windowsAutopilotDeploymentProfiles | windowsAutopilotDeploymentProfile collection | Windows auto pilot deployment profiles |
| windowsAutopilotDeviceIdentities | windowsAutopilotDeviceIdentity collection | The Windows autopilot device identities contained collection. |
| windowsAutopilotSettings | windowsAutopilotSettings | The Windows autopilot account settings. |
| Embedded SIM | ||
| embeddedSIMActivationCodePools | embeddedSIMActivationCodePool collection | The embedded SIM activation code pools created by this account. |
| Group Policy Analytics | ||
| groupPolicyMigrationReports | groupPolicyMigrationReport collection | A list of Group Policy migration reports. |
| MicrosoftTunnel | ||
| microsoftTunnelConfigurations | microsoftTunnelConfiguration collection | Collection of MicrosoftTunnelConfiguration settings associated with account. |
| microsoftTunnelSites | microsoftTunnelSite collection | Collection of MicrosoftTunnelSite settings associated with account. |
| Notifications | ||
| notificationMessageTemplates | notificationMessageTemplate collection | The Notification Message Templates. |
| Onboarding | ||
| conditionalAccessSettings | onPremisesConditionalAccessSettings | The Exchange on premises conditional access settings. On premises conditional access will require devices to be both enrolled and compliant for mail access |
| deviceCategories | deviceCategory collection | The list of device categories with the tenant. |
| deviceEnrollmentConfigurations | deviceEnrollmentConfiguration collection | The list of device enrollment configurations |
| deviceManagementPartners | deviceManagementPartner collection | The list of Device Management Partners configured by the tenant. |
| exchangeConnectors | deviceManagementExchangeConnector collection | The list of Exchange Connectors configured by the tenant. |
| exchangeOnPremisesPolicies | deviceManagementExchangeOnPremisesPolicy collection | The list of Exchange On Premisis policies configured by the tenant. |
| exchangeOnPremisesPolicy | deviceManagementExchangeOnPremisesPolicy | The policy which controls mobile device access to Exchange On Premises |
| mobileThreatDefenseConnectors | mobileThreatDefenseConnector collection | The list of Mobile threat Defense connectors configured by the tenant. |
| Policy Set | ||
| deviceManagementScripts | deviceManagementScript collection | The list of device management scripts associated with the tenant. |
| deviceConfigurations | deviceConfiguration collection | The list of device configurations associated with the tenant. |
| deviceCompliancePolicies | deviceCompliancePolicy collection | The list of device compliance policies associated with the tenant. |
| windowsAutopilotDeploymentProfiles | windowsAutopilotDeploymentProfile collection | Windows auto pilot deployment profiles |
| deviceEnrollmentConfigurations | deviceEnrollmentConfiguration collection | The list of device enrollment configurations |
| Resource Access Polcy | ||
| derivedCredentials | deviceManagementDerivedCredentialSettings collection | Collection of Derived credential settings associated with account. |
| Remote access | ||
| userPfxCertificates | userPFXCertificate collection | Collection of PFX certificates associated with a user. |
| Remote assistance | ||
| remoteAssistancePartners | remoteAssistancePartner collection | The remote assist partners. |
| Role based access control (RBAC) | ||
| resourceOperations | resourceOperation collection | The Resource Operations. |
| roleAssignments | deviceAndAppManagementRoleAssignment collection | The Role Assignments. |
| roleDefinitions | roleDefinition collection | The Role Definitions. |
| roleScopeTags | roleScopeTag collection | The Role Scope Tags. |
| Reporting | ||
| reports | deviceManagementReports | Reports singleton |
| Software Update | ||
| windowsFeatureUpdateProfiles | windowsFeatureUpdateProfile collection | A collection of windows feature update profiles |
| Troubleshooting | ||
| troubleshootingEvents | deviceManagementTroubleshootingEvent collection | The list of troubleshooting events for the tenant. |
| Windows Information Protection | ||
| intuneBrandingProfiles | intuneBrandingProfile collection | Intune branding profiles targeted to AAD groups |
| windowsInformationProtectionAppLearningSummaries | windowsInformationProtectionAppLearningSummary collection | The windows information protection app learning summaries. |
| windowsInformationProtectionNetworkLearningSummaries | windowsInformationProtectionNetworkLearningSummary collection | The windows information protection network learning summaries. |
JSON Representation
Here is a JSON representation of the resource.
{
"@odata.type": "#microsoft.graph.deviceManagement",
"id": "String (identifier)",
"subscriptionState": "String"
}
Feedback
Coming soon: Throughout 2024 we will be phasing out GitHub Issues as the feedback mechanism for content and replacing it with a new feedback system. For more information see: https://aka.ms/ContentUserFeedback.
Submit and view feedback for