What you’ll accomplish
- Register an Azure application for June
- Configure Microsoft Graph API permissions
- Set up the June integration
- Understand cross-platform device synchronization
Prerequisites
Before starting the integration, ensure you have:- Microsoft Entra ID with Intune licensing
- Global Administrator or Intune Administrator role
- Azure app registration permissions
- June organization admin permissions
Setup Process
Step 1: Configure June Integration
1
Access June Integrations
- Log into June
- Navigate to Integrations > MDM Systems
- Click Add Integration
2
Select Microsoft Intune
- Choose “Microsoft Entra” from available integrations
- Click Connect to start setup
3
Complete OAuth Flow
- Sign in with your Azure administrator account
- Grant consent for the requested permissions.
- On success, you’ll return to June with integration activated.
Step 2: Configure Sync Settings
1
Set Sync Frequency
Choose sync interval based on your environment:
- Every day: For most environments
- Every other day: For environments with a large number of devices
- Every week: For environments with infrequent changes
2
Configure Data Scope
Select what data to synchronize:
- Sync all employees
- Device inventory and specifications (always on)
- Sync Software Applications
- Device actions
Data Synchronization
Supported Device Types
| Platform | Device Types | Key Data Synced |
|---|---|---|
| Windows | Desktops, Laptops, Tablets | Hardware specs, compliance status, installed apps |
| macOS | MacBooks, iMacs, Mac minis | System info, security settings, application inventory |
| iOS/iPadOS | iPhones, iPads | Device model, OS version, app compliance |
| Android | Phones, Tablets | Device info, work profile status, managed apps |
Troubleshooting
Authentication Issues
Invalid Client Credentials
Invalid Client Credentials
Symptoms: “Invalid client” or “Authentication failed” errorsSolutions:
- Verify Tenant ID, Client ID, and Client Secret are correct
- Check if client secret has expired
- Ensure app registration is in the correct tenant
- Confirm admin consent was granted
Insufficient Permissions
Insufficient Permissions
Symptoms: “Access denied” or “Forbidden” errors when syncingSolutions:
- Review API permissions in Azure app registration
- Ensure admin consent was granted for all permissions
- Check if permissions were accidentally removed
- Verify the user granting consent had sufficient privileges
Tenant Access Issues
Tenant Access Issues
Symptoms: “Tenant not found” or “Invalid tenant” errorsSolutions:
- Confirm Tenant ID is correct (check Azure portal)
- Verify app registration exists in the correct tenant
- Check if tenant has appropriate licensing
- Ensure network connectivity to Azure endpoints
Sync Problems
Missing Devices
Missing Devices
Possible Causes:
- Devices not enrolled in Intune
- Insufficient permissions to access device data
- Device filtering excluding expected devices
- Conditional access blocking access
- Verify device enrollment status in Intune portal
- Check API permissions include all required scopes
- Review device filters in June integration settings
- Confirm devices meet sync criteria
Outdated Device Information
Outdated Device Information
Possible Causes:
- Devices not syncing with Intune regularly
- Long sync intervals in June
- Network connectivity issues
- Force device sync in Intune portal
- Reduce sync frequency in June
- Check device connectivity and management status
- Review Intune device compliance policies
Performance Issues
Performance Issues
Symptoms: Slow syncs, API throttling, timeoutsSolutions:
- Implement device filtering to reduce data volume
- Stagger sync schedules during off-peak hours
- Monitor Microsoft Graph API throttling limits
- Consider breaking large tenants into multiple integrations
Best Practices
Security
- Certificate-Based Authentication: Consider using certificates instead of client secrets for enhanced security
- Secret Rotation: Regularly rotate client secrets before expiration
- Least Privilege: Grant only necessary API permissions
- Conditional Access: Apply appropriate conditional access policies
Performance
- Smart Filtering: Use device and user filters to optimize sync performance
- Batch Processing: Allow June to batch API requests for efficiency
- Off-Peak Syncing: Schedule intensive operations during low-usage periods
- Monitor Throttling: Watch for Microsoft Graph API rate limits
Compliance
- Regular Audits: Periodically review app permissions and access
- Change Management: Document any changes to the integration configuration
- Compliance Monitoring: Set up alerts for compliance policy violations
- Data Retention: Understand data retention policies for synced information
Microsoft Graph API Limits
Be aware of Microsoft Graph throttling limits:| Resource Type | Throttle Limits | Best Practices |
|---|---|---|
| Device queries | 1000 requests/10 minutes | Use filtering and paging |
| User queries | 3000 requests/5 minutes | Batch requests when possible |
| Application data | 600 requests/20 seconds | Implement retry logic |
Next Steps
Once your Intune integration is configured:Conditional Access
Set up conditional access policies based on device compliance
Cross-Platform Views
Create views that span across different device platforms
Compliance Reporting
Generate compliance reports across your entire device fleet
Automated Workflows
Set up automated remediation based on compliance status
Client secrets expire and must be renewed. Set calendar reminders to rotate secrets before expiration to avoid integration disruption.
Intune integration supports all major device platforms. Sync frequency and data availability may vary by platform and enrollment type.