Posted on 12-18-2017 04:18 PM
I'm trying to setup Intune, but getting errors before I can even get the connection. I enter the info, but get the error "Could not retrieve the access token for Microsoft Graph API. Check the configuration for Microsoft Intune Integration."
What do use use for the Azure AD tenet name? The ".onmicrosoft.com" subdomain?
Posted on 12-19-2017 11:19 AM
YourAzureADName.onmicrosoft.com is what I used. Make sure you didn't go beyond I think 10 minutes since creating your key else it will also fail. I pretty much followed this https://docs.microsoft.com/en-us/intune/conditional-access-integrate-jamf#configure-conditional-access-in-jamf-pro to get it done. I had to wait a bit after I entered the key and appid before the test would work. How long, I'm not sure since I came back the next day.
Posted on 12-20-2017 07:20 AM
@bjonesrbh do you have any Graph API settings configured? If so, what ones? I'm not getting a key error now, but I'm still getting the "Could not retrieve the access token for Microsoft Graph API. Check the configuration for Microsoft Intune Integration." error.
Posted on 12-20-2017 08:44 AM
This is the only permissions I set for the app:
Posted on 12-20-2017 08:44 AM
Also make sure to hit the "Grant Permissions" after deleting the only permissions and adding the new one.
Posted on 12-22-2017 11:04 AM
I'm getting the same error even after redoing all the configuration on the MS side.
Posted on 12-27-2017 10:00 AM
I’m lucky enough to be our Intune and Jamf admin. MS’s docs are pretty bad, but I got it working. Your Azure AD tenant name can be found in Azure>Azure Active Directory>Property>Directory ID. It will be a string of numbers and letters, much like the App ID you created for Jamf Conditional Access. I don’t believe it should be any kind of URL, but rather just identifies your tenant by ID. I was also able to create a custom location to put the Company Portal app by packaging it with Composer (rather than in the Applications folder). This would prevent users from launching the app from the App folder (a no-no according to the docs, it needs to be launched through Self Service).
Posted on 03-13-2018 06:47 AM
@PhillyPhoto did you get this sorted? I also have this issue.
regards Ben
Posted on 03-13-2018 07:59 AM
@Bendelaat It seemed to be a timing issue. Following the instructions to set everything up in Intune, it did work, but it seemed to take a little while for the account and keys to propagate. There wasn't actually a graph API to configure. So try giving it some time and trying again.
On a side note, I believe we are now running into product issue (PI-005258) where Conditional Access does not work in multi-context environments. Our JSS is setup as "https://jss.domain.com/jamf" instead of just "https://jss.domain.com".
Posted on 03-15-2018 03:45 AM
thanks, I forgot to grant the permissions to the app.
it's working now!
Posted on 10-06-2021 01:14 PM
Bumping this even though its been a few years.
I am getting this error, however both Intune and Graph have the proper permissions:
"Could not retrieve the access token for Microsoft Graph API. Check the configuration for Microsoft Intune Integration."
Since we are all cloud, highly doubt it's a port issue. Anyone else experience this?
Posted on 10-20-2021 09:26 AM
We're also running into this issue, permissions consented to per the documentation.
Blew everything in Azure away and ran the Cloud Connector setup and it worked for about 12 hours and now it's broken again.
Posted on 10-27-2021 01:27 PM
Yea I reached out to support and they recommended Cloud Connector.. The documentation for the manual setup is definitely out dated as it asks for an API that is depreciated.
I haven't really looked at it since it was for POC, but checking now it still appears to be working. Is yours still down?
Posted on 10-27-2021 01:35 PM
Yeah, I also reached out to support and they also recommended removing everything again and setting up Cloud Connector.
It's now working for us, but it's a travesty that the documentation is wrong.
Posted on 02-06-2022 12:58 PM
Ok, so the manual configuration will not work, bummer. And the clear choice for functionality is Cloud Connector. Thanks and good to know. I was banging my head on this as I had everything configured corrently.