Frontline Asset Management integrates with Microsoft Intune to keep device data in sync with your inventory records. The nightly integration:
- Pulls key device properties from the Microsoft Intune API.
- Displays those properties in asset records, grids, reports, and exports.
Synced Data Fields
| Asset Management MDM Field | Microsoft Intune Field Name |
|---|---|
| Device Name | DeviceName |
| External IP | — |
| Internal IP | — |
| Last Login Date | — |
| Last Login User | EmailAddress |
| Last Seen Date | LastSyncDateTime |
| LAG/LONG | — |
| MAC Address | wifiMacAddress |
| MDM Status | DeviceRegistrationState |
| OS | OperatingSystem |
Accessing Integration Settings
Administrators configure and monitor the integration in Management › Integration Settings › Microsoft Intune Integrations.
| UI Element | Purpose |
|---|---|
| Job History | Shows each nightly ETL run with start time, jobname, status, and notes |
| Initiate One-Time Sync | Runs an on-demand sync |
| Tenant ID | Microsoft Intune Tenant ID created in Step 4 |
Microsoft Intune MDM Setup and Authorization
The first three steps below must be completed by a Microsoft Intune Administrator with access to Cloud Application and Microsoft Graph.
Settings > Microsoft Intune Integrations in Asset Management, the nightly sync will work as expected.
- Navigate to Applications > App registrations > New registration.
- Enter:
- Name: Frontline Asset Management
- Supported account types: “Accounts in this organizational directory only”
- Redirect URI: Leave blank (optional for API-only use).
- Click Register.
- Copy the Application (Client) ID and Directory (Tenant) ID. You will need them in Asset Management later.
- In the newly created app, go to Certificates & secrets > Client secrets.
- Click New client secret, give it a name (e.g., "Frontline Asset Management Sync"), and select an expiration (recommended 24 months).
- Click Add, then copy the value immediately. This is your client secret (it will not be shown again).
- Enter token in Asset Management in Manage Integration Settings > Intune Integrations.
- In the Tenant ID, paste the Directory (Tenant) ID from Microsoft Intune Manager console.
- In the Client App ID field, paste the Application (Client) ID with device-read access, generated from the Microsoft Intune Manager console.
- In the Client Secret field, paste the API Value (Client Secret) password from the Microsoft Intune Manager console.
- Click Save to verify the Microsoft Intune credentials entered.
- Click Initiate One-Time Sync to run the first sync manually.
Microsoft Intune Integration Status
The "Microsoft Intune Integration Status" grid gives administrators a clear view into recent sync activity between Microsoft Intune MDM and Frontline Asset Management, including job status, logs, and error tracking.
The integration grid includes a real-time sync log that displays:
- Started – The date and time the sync began
- Job ID – A unique identifier for each sync attempt
- State – Status of the sync (for example, "DataImported," "Queued," "Processing," "Error")
- Notes – Summary information for failed jobs or flags for issues requiring attention
- Clipboard icon – Click to open a step-by-step breakdown of sync activity for that job
When you click the log icon for a sync job, you will see a timestamped list of every step in the process, including:
- Queued
- Processing
- Authenticated
- DataExtracted (device count shown)
- DataUploaded
- DataTransformed
- DataImportInitiated
- DataImported
Monitoring, Verification & Data Access
Nightly Sync Logic
- Runs once every night
- Matches devices by serial number; no serial, no update
- Duplicate serials trigger a warning and are skipped.
Verifying a Sync
- Check the "Microsoft Intune Integration Status" grid for "DataImported" state.
- Open a tag record and confirm MDM fields are populated.
- Compare values with Microsoft Intune if needed.
Viewing MDM Data
| Where | How to Use |
|---|---|
| Tag Information modal | View MDM fields for a single asset |
| Tags grid (Columns) | Add MDM columns, filter/sort, then export for bulk review |
Known Limitations
- Devices must already exist in Asset Management; the sync does not create new assets.
- Integration is read-only; no disable/enable or remote commands are sent to Microsoft Intune.
- No other bidirectional actions (e.g., changing OU or deprovisioning) are supported.
- MDM fields are read-only and not yet available in audit workflows.
- Some data points may be blank if Microsoft Intune does not supply them for a given device type.
- Duplicate serials in Asset Management or Microsoft Intune are skipped and reported.
- The device import information report has not yet been included in the application. In a future release, a CSV will be available to see which serials were updated, skipped, or not found.
Frequently Asked Questions
How can I tell if my token has expired?
In Integration Settings › Microsoft Intune Integrations, an "Authentication Required" message displays in red when the token is invalid or expired. Validate and reclick Authorize Microsoft Intune with a valid token.
Why didn’t my newly purchased device appear after the sync?
The nightly job updates existing assets only. Import or create the asset in Asset Management (via purchasing spreadsheet import, manual add, room initialization), so the serial number exists before the next sync. The integration can then populate MDM fields.
Can we sync last login date or internal/external IP for Microsoft Intune-managed devices?
Microsoft Intune’s current APIs do not supply those values by default. Frontline will monitor Microsoft Intune updates and add support if the data become available in the future.
Do I need a Microsoft Intune Admin authentication to set up this integration?
Any Microsoft Intune account that can generate a client ID and tenant ID (Admin role). The key inherits that user’s access rights.