Appendix 16: Intune- Generate Client Credentials
In this Appendix we will see how to generate Client Credentials and provide necessary permissions.
- Login to https://portal.azure.com with email address and password (else register for a new account).
- Click on Azure Active Directory from a column on the left side as below.
![](https://support.automationedge.com/DocsDisplay?zgId=60001911841&mode=inline&blockId=m5yl13c53e604952e492f815458db161ea6fd)
- Search for Properties
![](https://support.automationedge.com/DocsDisplay?zgId=60001911841&mode=inline&blockId=m5yl119525018fb07480b95faa3e4e0ea7ff8)
- The Tenant ID required in the plugin is the ID mentioned under Directory ID. In case the ID is not available you may get Tenant ID as mentioned in step 8 below.
![](https://support.automationedge.com/DocsDisplay?zgId=60001911841&mode=inline&blockId=m5yl18e2f136717fc499bb206b0f8024c4956)
- To get the Client ID, click on App registrations under Azure Active Directory.
- Create a new App by clicking on New Registration.
![](https://support.automationedge.com/DocsDisplay?zgId=60001911841&mode=inline&blockId=m5yl14f815749a045426da1c78ef40cedf1ae)
- Enter the application name select account types and click on Register.
![](https://support.automationedge.com/DocsDisplay?zgId=60001911841&mode=inline&blockId=m5yl1c9cd1e26d1ed4f9cb1ca35d63a8e7935)
- After clicking on Register, under Overview of the newly generated Application you can find the Application (client) ID/ Client ID. Also, you can find Directory (tenant) ID/Tenant ID below Client ID.
![](https://support.automationedge.com/DocsDisplay?zgId=60001911841&mode=inline&blockId=m5yl1d08f4b2a6fde40f4a2a51616d0cd272d)
- To generate client secret, click on the Certificates & Secrets and then click on + New
Client Secret.
![](https://support.automationedge.com/DocsDisplay?zgId=60001911841&mode=inline&blockId=m5yl17399c3307ec247b29b08225d7abf1465)
- Now enter the Description, Expiry, and click on Add.
![](https://support.automationedge.com/DocsDisplay?zgId=60001911841&mode=inline&blockId=m5yl147a35e259e0b41d180cf0a959b7ce895)
- Copy the value of the client secret as it will be not visible the second time.
![](https://support.automationedge.com/DocsDisplay?zgId=60001911841&mode=inline&blockId=m5yl10782a8d61da64985812a86d7a5568268)
- Click on API Permission and then click on Add Permission.
![](https://support.automationedge.com/DocsDisplay?zgId=60001911841&mode=inline&blockId=m5yl107b26185f7e241d1b85da01a5c023725)
- Click on Microsoft Graph, and then click on Application permissions.
![](https://support.automationedge.com/DocsDisplay?zgId=60001911841&mode=inline&blockId=m5yl1cee5f9dd591041f3a90d4364013bd373)
- Select Application permission.
![](https://support.automationedge.com/DocsDisplay?zgId=60001911841&mode=inline&blockId=m5yl160e90804e2e543b681baabd09b754152)
- Search and select the required permission. Click on Add Permission.
![](https://support.automationedge.com/DocsDisplay?zgId=60001911841&mode=inline&blockId=m5yl16ca5ae92a5ee4a43abf5a7dfd1a8c804)
- This will redirect back to API Permission. In the Grant Consent section click on "Grant admin consent for….".
![](https://support.automationedge.com/DocsDisplay?zgId=60001911841&mode=inline&blockId=m5yl1a4020af386ce49a08b851c4766e524a6)
- It will prompt for confirmation, click on Yes.
![](https://support.automationedge.com/DocsDisplay?zgId=60001911841&mode=inline&blockId=m5yl1a25df214a7684b4c9f95eb6b8dc27ad5)
- Similarly, we can assign the permissions required by Intune Plugins mentioned below,
- DeviceManagementManagedDevices.PrivilegedOperations.All
- DeviceManagementManagedDevices.ReadWrite.All