DeviceManagementConfiguration.Read.All

Allows the app to read properties of Microsoft Intune-managed device configuration and device compliance policies and their assignment to groups.

Using the Microsoft Graph APIs to configure Intune controls and policies still requires that the Intune service is correctly licensed by the customer.

These permissions aren't supported for personal Microsoft accounts.

Merill's Note

For an app to access data in Microsoft Graph, the user or administrator must grant it the permissions it needs. This article lists all the Microsoft Graph APIs and your tenant data that can be accessed by the application (vendor/developer) if you consent to the DeviceManagementConfiguration.Read.All permission.

If you need to create an audit report of the permissions granted to all the apps in your tenant, you can run the Export-MsIdAppConsentGrantReport command. See How To: Run a quick OAuth app audit of your tenant

Category	Application	Delegated
Identifier	dc377aa6-52d8-4e23-b271-2a7ae04cedf3	f1493658-876a-4c87-8fa7-edb559b3476a
DisplayText	Read Microsoft Intune device configuration and policies	Read Microsoft Intune Device Configuration and Policies
Description	Allows the app to read properties of Microsoft Intune-managed device configuration and device compliance policies and their assignment to groups, without a signed-in user.	Allows the app to read properties of Microsoft Intune-managed device configuration and device compliance policies and their assignment to groups.
AdminConsentRequired	Yes	Yes

Graph Methods

• API [v1.0]
• API [beta]
• PowerShell [v1.0]
• PowerShell [beta]

→ API supports delegated access (access on behalf of a user)
→ API supports app-only access (access without a user)

	Methods
	GET /deviceAppManagement
	GET /deviceAppManagement/enterpriseCodeSigningCertificates
	GET /deviceAppManagement/mobileAppCategories
	GET /deviceAppManagement/mobileAppCategories/{mobileAppCategoryId}
	GET /deviceAppManagement/mobileAppConfigurations
	GET /deviceAppManagement/mobileAppConfigurations/{managedDeviceMobileAppConfigurationId}
	GET /deviceAppManagement/mobileAppConfigurations/{managedDeviceMobileAppConfigurationId}/assignments
	GET /deviceAppManagement/mobileAppConfigurations/{managedDeviceMobileAppConfigurationId}/assignments/{managedDeviceMobileAppConfigurationAssignmentId}
	GET /deviceAppManagement/mobileAppConfigurations/{managedDeviceMobileAppConfigurationId}/deviceStatuses
	GET /deviceAppManagement/mobileAppConfigurations/{managedDeviceMobileAppConfigurationId}/deviceStatuses/{managedDeviceMobileAppConfigurationDeviceStatusId}
	GET /deviceAppManagement/mobileAppConfigurations/{managedDeviceMobileAppConfigurationId}/deviceStatusSummary
	GET /deviceAppManagement/mobileAppConfigurations/{managedDeviceMobileAppConfigurationId}/userStatuses
	GET /deviceAppManagement/mobileAppConfigurations/{managedDeviceMobileAppConfigurationId}/userStatuses/{managedDeviceMobileAppConfigurationUserStatusId}
	GET /deviceAppManagement/mobileAppConfigurations/{managedDeviceMobileAppConfigurationId}/userStatusSummary
	GET /deviceAppManagement/mobileAppRelationships
	GET /deviceAppManagement/mobileAppRelationships/{mobileAppRelationshipId}
	GET /deviceAppManagement/mobileApps
	GET /deviceAppManagement/mobileApps/{mobileAppId}
	GET /deviceAppManagement/mobileApps/{mobileAppId}/assignments
	GET /deviceAppManagement/mobileApps/{mobileAppId}/assignments/{mobileAppAssignmentId}
	GET /deviceAppManagement/mobileApps/{mobileAppId}/categories
	GET /deviceAppManagement/mobileApps/{mobileAppId}/categories/{mobileAppCategoryId}
	GET /deviceAppManagement/mobileApps/{mobileAppId}/contentVersions
	GET /deviceAppManagement/mobileApps/{mobileAppId}/contentVersions/{mobileAppContentId}
	GET /deviceAppManagement/mobileApps/{mobileAppId}/contentVersions/{mobileAppContentId}/containedApps
	GET /deviceAppManagement/mobileApps/{mobileAppId}/contentVersions/{mobileAppContentId}/containedApps/{mobileContainedAppId}
	GET /deviceAppManagement/mobileApps/{mobileAppId}/contentVersions/{mobileAppContentId}/files
	GET /deviceAppManagement/mobileApps/{mobileAppId}/contentVersions/{mobileAppContentId}/files/{mobileAppContentFileId}
	GET /deviceAppManagement/mobileApps/{mobileAppId}/microsoft.graph.managedMobileLobApp/contentVersions
	GET /deviceAppManagement/mobileApps/{mobileAppId}/microsoft.graph.managedMobileLobApp/contentVersions/{mobileAppContentId}
	GET /deviceAppManagement/mobileApps/{mobileAppId}/microsoft.graph.mobileLobApp/contentVersions
	GET /deviceAppManagement/mobileApps/{mobileAppId}/microsoft.graph.mobileLobApp/contentVersions/{mobileAppContentId}
	GET /deviceAppManagement/mobileApps/{mobileAppId}/microsoft.graph.windowsUniversalAppX/committedContainedApps
	GET /deviceAppManagement/mobileApps/{mobileAppId}/microsoft.graph.windowsUniversalAppX/committedContainedApps/{mobileContainedAppId}
	GET /deviceManagement/deviceCompliancePolicies
	GET /deviceManagement/deviceCompliancePolicies/{deviceCompliancePolicyId}
	GET /deviceManagement/deviceCompliancePolicies/{deviceCompliancePolicyId}/assignments
	GET /deviceManagement/deviceCompliancePolicies/{deviceCompliancePolicyId}/assignments/{deviceCompliancePolicyAssignmentId}
	GET /deviceManagement/deviceCompliancePolicies/{deviceCompliancePolicyId}/deviceSettingStateSummaries
	GET /deviceManagement/deviceCompliancePolicies/{deviceCompliancePolicyId}/deviceSettingStateSummaries/{settingStateDeviceSummaryId}
	GET /deviceManagement/deviceCompliancePolicies/{deviceCompliancePolicyId}/deviceStatuses
	GET /deviceManagement/deviceCompliancePolicies/{deviceCompliancePolicyId}/deviceStatuses/{deviceComplianceDeviceStatusId}
	GET /deviceManagement/deviceCompliancePolicies/{deviceCompliancePolicyId}/deviceStatusOverview
	GET /deviceManagement/deviceCompliancePolicies/{deviceCompliancePolicyId}/scheduledActionsForRule
	GET /deviceManagement/deviceCompliancePolicies/{deviceCompliancePolicyId}/scheduledActionsForRule/{deviceComplianceScheduledActionForRuleId}
	GET /deviceManagement/deviceCompliancePolicies/{deviceCompliancePolicyId}/scheduledActionsForRule/{deviceComplianceScheduledActionForRuleId}/scheduledActionConfigurations
	GET /deviceManagement/deviceCompliancePolicies/{deviceCompliancePolicyId}/scheduledActionsForRule/{deviceComplianceScheduledActionForRuleId}/scheduledActionConfigurations/{deviceComplianceActionItemId}
	GET /deviceManagement/deviceCompliancePolicies/{deviceCompliancePolicyId}/userStatuses
	GET /deviceManagement/deviceCompliancePolicies/{deviceCompliancePolicyId}/userStatuses/{deviceComplianceUserStatusId}
	GET /deviceManagement/deviceCompliancePolicies/{deviceCompliancePolicyId}/userStatusOverview
	GET /deviceManagement/deviceCompliancePolicyDeviceStateSummary
	GET /deviceManagement/deviceCompliancePolicySettingStateSummaries
	GET /deviceManagement/deviceCompliancePolicySettingStateSummaries/{deviceCompliancePolicySettingStateSummaryId}
	GET /deviceManagement/deviceCompliancePolicySettingStateSummaries/{deviceCompliancePolicySettingStateSummaryId}/deviceComplianceSettingStates
	GET /deviceManagement/deviceCompliancePolicySettingStateSummaries/{deviceCompliancePolicySettingStateSummaryId}/deviceComplianceSettingStates/{deviceComplianceSettingStateId}
	GET /deviceManagement/deviceConfigurationDeviceStateSummaries
	GET /deviceManagement/deviceConfigurations
	GET /deviceManagement/deviceConfigurations/{deviceConfigurationId}
	GET /deviceManagement/deviceConfigurations/{deviceConfigurationId}/assignments
	GET /deviceManagement/deviceConfigurations/{deviceConfigurationId}/assignments/{deviceConfigurationAssignmentId}
	GET /deviceManagement/deviceConfigurations/{deviceConfigurationId}/deviceSettingStateSummaries
	GET /deviceManagement/deviceConfigurations/{deviceConfigurationId}/deviceSettingStateSummaries/{settingStateDeviceSummaryId}
	GET /deviceManagement/deviceConfigurations/{deviceConfigurationId}/deviceStatuses
	GET /deviceManagement/deviceConfigurations/{deviceConfigurationId}/deviceStatuses/{deviceConfigurationDeviceStatusId}
	GET /deviceManagement/deviceConfigurations/{deviceConfigurationId}/deviceStatusOverview
	GET /deviceManagement/deviceConfigurations/{deviceConfigurationId}/getOmaSettingPlainTextValue
	GET /deviceManagement/deviceConfigurations/{deviceConfigurationId}/userStatuses
	GET /deviceManagement/deviceConfigurations/{deviceConfigurationId}/userStatuses/{deviceConfigurationUserStatusId}
	GET /deviceManagement/deviceConfigurations/{deviceConfigurationId}/userStatusOverview
	GET /deviceManagement/deviceEnrollmentConfigurations/{deviceEnrollmentConfigurationId}/assignments/{enrollmentConfigurationAssignmentId}
	GET /deviceManagement/iosUpdateStatuses
	GET /deviceManagement/iosUpdateStatuses/{iosUpdateDeviceStatusId}
	GET /deviceManagement/notificationMessageTemplates
	GET /deviceManagement/notificationMessageTemplates/{notificationMessageTemplateId}
	GET /deviceManagement/notificationMessageTemplates/{notificationMessageTemplateId}/localizedNotificationMessages
	GET /deviceManagement/notificationMessageTemplates/{notificationMessageTemplateId}/localizedNotificationMessages/{localizedNotificationMessageId}
	GET /deviceManagement/reports
	GET /deviceManagement/reports/exportJobs
	GET /deviceManagement/reports/exportJobs/{deviceManagementExportJobId}
	GET /deviceManagement/softwareUpdateStatusSummary
	GET /organization
	GET /organization/{organizationId}
	GET /reports
	GET /reports/deviceConfigurationDeviceActivity
	GET /reports/deviceConfigurationUserActivity
	GET /users
	GET /users/{usersId}
	GET /users/{usersId}/exportDeviceAndAppManagementData
	POST /deviceAppManagement/mobileApps/{mobileAppId}/enableApplicableArchitectures
	POST /deviceManagement/deviceManagementPartners/{deviceManagementPartnerId}/terminate
	POST /deviceManagement/reports/getCachedReport
	POST /deviceManagement/reports/getCompliancePolicyNonComplianceReport
	POST /deviceManagement/reports/getCompliancePolicyNonComplianceSummaryReport
	POST /deviceManagement/reports/getComplianceSettingNonComplianceReport
	POST /deviceManagement/reports/getConfigurationPolicyNonComplianceReport
	POST /deviceManagement/reports/getConfigurationPolicyNonComplianceSummaryReport
	POST /deviceManagement/reports/getConfigurationSettingNonComplianceReport
	POST /deviceManagement/reports/getDeviceManagementIntentPerSettingContributingProfiles
	POST /deviceManagement/reports/getDeviceManagementIntentSettingsReport
	POST /deviceManagement/reports/getDeviceNonComplianceReport
	POST /deviceManagement/reports/getDevicePoliciesComplianceReport
	POST /deviceManagement/reports/getDevicePolicySettingsComplianceReport
	POST /deviceManagement/reports/getDevicesStatusByPolicyPlatformComplianceReport
	POST /deviceManagement/reports/getDevicesStatusBySettingReport
	POST /deviceManagement/reports/getDeviceStatusByCompliacePolicyReport
	POST /deviceManagement/reports/getDeviceStatusByCompliancePolicySettingReport
	POST /deviceManagement/reports/getDeviceStatusSummaryByCompliacePolicyReport
	POST /deviceManagement/reports/getDeviceStatusSummaryByCompliancePolicySettingsReport
	POST /deviceManagement/reports/getDevicesWithoutCompliancePolicyReport
	POST /deviceManagement/reports/getHistoricalReport
	POST /deviceManagement/reports/getNoncompliantDevicesAndSettingsReport
	POST /deviceManagement/reports/getPolicyNonComplianceMetadata
	POST /deviceManagement/reports/getPolicyNonComplianceReport
	POST /deviceManagement/reports/getPolicyNonComplianceSummaryReport
	POST /deviceManagement/reports/getReportFilters
	POST /deviceManagement/reports/getSettingNonComplianceReport
	POST /deviceManagement/windowsAutopilotDeviceIdentities/deleteDevices

Resources

Granting this permission allows the calling application to access (and/or update) the following information in your tenant.

• androidAppConfigurationSchema
• androidDeviceOwnerEnrollmentProfile
• androidForWorkAppConfigurationSchema
• androidForWorkEnrollmentProfile
• androidForWorkSettings
• androidManagedStoreAccountEnterpriseSettings
• androidManagedStoreAppConfigurationSchema
• intune-androidforwork-androidmanagedstorelayouttype
• appConfigurationSchemaRequestDetail
• deviceManagementReports
• zebraFotaArtifact
• androidForWorkApp
• androidForWorkMobileAppConfiguration
• androidLobApp
• androidManagedStoreApp
• androidManagedStoreAppConfiguration
• androidManagedStoreWebApp
• androidStoreApp
• deviceAndAppManagementDeploymentAssignment
• deviceAndAppManagementPayloadAssignment
• enterpriseCodeSigningCertificate
• iosiPadOSWebClip
• iosLobApp
• iosLobAppProvisioningConfigurationAssignment
• iosMobileAppConfiguration
• iosStoreApp
• iosVppApp
• iosVppAppAssignedDeviceLicense
• iosVppAppAssignedLicense
• iosVppAppAssignedUserLicense
• macOSDmgApp
• macOSLobApp
• macOSMicrosoftDefenderApp
• macOSMicrosoftEdgeApp
• macOSOfficeSuiteApp
• macOSPkgApp
• macOsVppApp
• macOsVppAppAssignedLicense
• macOSWebClip
• managedAndroidLobApp
• managedAndroidStoreApp
• managedApp
• managedDeviceMobileAppConfiguration
• managedDeviceMobileAppConfigurationAssignment
• managedDeviceMobileAppConfigurationDeviceStatus
• managedDeviceMobileAppConfigurationDeviceSummary
• managedDeviceMobileAppConfigurationUserStatus
• managedDeviceMobileAppConfigurationUserSummary
• managedIOSLobApp
• managedIOSStoreApp
• managedMobileLobApp
• microsoftStoreForBusinessApp
• microsoftStoreForBusinessContainedApp
• mobileApp
• mobileAppAssignment
• mobileAppCategory
• mobileAppContent
• mobileAppContentFile
• mobileAppContentScript
• mobileAppDependency
• mobileAppProvisioningConfigGroupAssignment
• mobileAppPublishingConstraints
• mobileAppRelationship
• mobileAppSupersedence
• mobileContainedApp
• mobileLobApp
• officeSuiteApp
• symantecCodeSigningCertificate
• webApp
• win32LobApp
• win32LobAppInstallPowerShellScript
• win32LobAppScript
• win32LobAppUninstallPowerShellScript
• windowsAppX
• intune-apps-windowsarchitecture
• windowsAutoUpdateCatalogApp
• windowsMicrosoftEdgeApp
• windowsMobileMSI
• windowsPhone81AppX
• windowsPhone81AppXBundle
• windowsPhone81StoreApp
• windowsPhoneXAP
• windowsStoreApp
• windowsUniversalAppX
• windowsUniversalAppXContainedApp
• windowsWebApp
• winGetApp
• chromeOSOnboardingSettings
• intune-chromebooksync-chromeosonboardingstatus
• cloudCertificationAuthority
• cloudCertificationAuthorityLeafCertificate
• intune-cloudpkigraphservice-cloudcertificationauthoritystatus
• deviceManagementReports
• trustChainCertificate
• advancedThreatProtectionOnboardingDeviceSettingState
• advancedThreatProtectionOnboardingStateSummary
• androidCertificateProfileBase
• androidCompliancePolicy
• androidCustomConfiguration
• androidDeviceOwnerCertificateProfileBase
• androidDeviceOwnerCompliancePolicy
• androidDeviceOwnerDerivedCredentialAuthenticationConfiguration
• androidDeviceOwnerEnterpriseWiFiConfiguration
• androidDeviceOwnerGeneralDeviceConfiguration
• androidDeviceOwnerImportedPFXCertificateProfile
• androidDeviceOwnerPkcsCertificateProfile
• androidDeviceOwnerScepCertificateProfile
• androidDeviceOwnerTrustedRootCertificate
• androidDeviceOwnerVpnConfiguration
• androidDeviceOwnerWiFiConfiguration
• androidEasEmailProfileConfiguration
• androidEnterpriseWiFiConfiguration
• androidForWorkCertificateProfileBase
• androidForWorkCompliancePolicy
• androidForWorkCustomConfiguration
• androidForWorkEasEmailProfileBase
• androidForWorkEnterpriseWiFiConfiguration
• androidForWorkGeneralDeviceConfiguration
• androidForWorkGmailEasConfiguration
• androidForWorkImportedPFXCertificateProfile
• androidForWorkNineWorkEasConfiguration
• androidForWorkPkcsCertificateProfile
• androidForWorkScepCertificateProfile
• androidForWorkTrustedRootCertificate
• androidForWorkVpnConfiguration
• androidForWorkWiFiConfiguration
• androidGeneralDeviceConfiguration
• androidImportedPFXCertificateProfile
• androidOmaCpConfiguration
• androidPkcsCertificateProfile
• androidScepCertificateProfile
• androidTrustedRootCertificate
• androidVpnConfiguration
• androidWiFiConfiguration
• androidWorkProfileCertificateProfileBase
• androidWorkProfileCompliancePolicy
• androidWorkProfileCustomConfiguration
• androidWorkProfileEasEmailProfileBase
• androidWorkProfileEnterpriseWiFiConfiguration
• androidWorkProfileGeneralDeviceConfiguration
• androidWorkProfileGmailEasConfiguration
• androidWorkProfileNineWorkEasConfiguration
• androidWorkProfilePkcsCertificateProfile
• androidWorkProfileScepCertificateProfile
• androidWorkProfileTrustedRootCertificate
• androidWorkProfileVpnConfiguration
• androidWorkProfileWiFiConfiguration
• aospDeviceOwnerCertificateProfileBase
• aospDeviceOwnerCompliancePolicy
• aospDeviceOwnerDeviceConfiguration
• aospDeviceOwnerEnterpriseWiFiConfiguration
• aospDeviceOwnerPkcsCertificateProfile
• aospDeviceOwnerScepCertificateProfile
• aospDeviceOwnerTrustedRootCertificate
• aospDeviceOwnerWiFiConfiguration
• appleDeviceFeaturesConfigurationBase
• appleExpeditedCheckinConfigurationBase
• appleVpnConfiguration
• cartToClassAssociation
• defaultDeviceCompliancePolicy
• deviceComplianceActionItem
• deviceComplianceDeviceOverview
• deviceComplianceDeviceStatus
• deviceCompliancePolicy
• deviceCompliancePolicyAssignment
• deviceCompliancePolicyDeviceStateSummary
• deviceCompliancePolicySettingStateSummary
• deviceComplianceScheduledActionForRule
• deviceComplianceSettingState
• deviceComplianceUserOverview
• deviceComplianceUserStatus
• deviceConfiguration
• deviceConfigurationAssignment
• deviceConfigurationConflictSummary
• deviceConfigurationDeviceOverview
• deviceConfigurationDeviceStateSummary
• deviceConfigurationDeviceStatus
• deviceConfigurationGroupAssignment
• deviceConfigurationTargetedUserAndDevice
• deviceConfigurationUserOverview
• deviceConfigurationUserStateSummary
• deviceConfigurationUserStatus
• easEmailProfileConfigurationBase
• editionUpgradeConfiguration
• endpointPrivilegeManagementProvisioningStatus
• hardwareConfiguration
• hardwareConfigurationAssignment
• hardwareConfigurationDeviceState
• hardwareConfigurationRunSummary
• hardwareConfigurationUserState
• hardwarePasswordDetail
• hardwarePasswordInfo
• iosCertificateProfile
• iosCertificateProfileBase
• iosCompliancePolicy
• iosCustomConfiguration
• iosDerivedCredentialAuthenticationConfiguration
• iosDeviceFeaturesConfiguration
• iosEasEmailProfileConfiguration
• iosEducationDeviceConfiguration
• iosEduDeviceConfiguration
• iosEnterpriseWiFiConfiguration
• iosExpeditedCheckinConfiguration
• iosGeneralDeviceConfiguration
• iosikEv2VpnConfiguration
• iosImportedPFXCertificateProfile
• iosPkcsCertificateProfile
• iosScepCertificateProfile
• iosTrustedRootCertificate
• iosUpdateConfiguration
• iosUpdateDeviceStatus
• iosVpnConfiguration
• iosWiFiConfiguration
• iosWiredNetworkConfiguration
• macOSCertificateProfileBase
• macOSCompliancePolicy
• macOSCustomAppConfiguration
• macOSCustomConfiguration
• macOSDeviceFeaturesConfiguration
• macOSEndpointProtectionConfiguration
• macOSEnterpriseWiFiConfiguration
• macOSExtensionsConfiguration
• macOSGeneralDeviceConfiguration
• macOSImportedPFXCertificateProfile
• macOSPkcsCertificateProfile
• macOSScepCertificateProfile
• macOSSoftwareUpdateAccountSummary
• macOSSoftwareUpdateCategorySummary
• macOSSoftwareUpdateConfiguration
• macOSSoftwareUpdateStateSummary
• macOSTrustedRootCertificate
• macOSVpnConfiguration
• macOSWiFiConfiguration
• macOSWiredNetworkConfiguration
• managedAllDeviceCertificateState
• managedDeviceCertificateState
• managedDeviceEncryptionState
• managementFeatureProjectDetail
• ndesConnector
• report
• reportRoot
• restrictedAppsViolation
• retireScheduledManagedDevice
• settingStateDeviceSummary
• sharedPCConfiguration
• softwareUpdateStatusSummary
• unsupportedDeviceConfiguration
• vpnConfiguration
• windows10CertificateProfileBase
• windows10CompliancePolicy
• windows10CustomConfiguration
• windows10DeviceFirmwareConfigurationInterface
• windows10EasEmailProfileConfiguration
• windows10EndpointProtectionConfiguration
• windows10EnterpriseModernAppManagementConfiguration
• windows10GeneralConfiguration
• windows10ImportedPFXCertificateProfile
• windows10MobileCompliancePolicy
• windows10NetworkBoundaryConfiguration
• windows10PFXImportCertificateProfile
• windows10PkcsCertificateProfile
• windows10SecureAssessmentConfiguration
• windows10TeamGeneralConfiguration
• windows10VpnConfiguration
• windows81CertificateProfileBase
• windows81CompliancePolicy
• windows81GeneralConfiguration
• windows81SCEPCertificateProfile
• windows81TrustedRootCertificate
• windows81VpnConfiguration
• windows81WifiImportConfiguration
• windowsCertificateProfileBase
• windowsDefenderAdvancedThreatProtectionConfiguration
• windowsDeliveryOptimizationConfiguration
• windowsHealthMonitoringConfiguration
• windowsIdentityProtectionConfiguration
• windowsKioskConfiguration
• windowsPhone81CertificateProfileBase
• windowsPhone81CompliancePolicy
• windowsPhone81CustomConfiguration
• windowsPhone81GeneralConfiguration
• windowsPhone81ImportedPFXCertificateProfile
• windowsPhone81SCEPCertificateProfile
• windowsPhone81TrustedRootCertificate
• windowsPhone81VpnConfiguration
• windowsPhoneEASEmailProfileConfiguration
• windowsPrivacyDataAccessControlItem
• windowsUpdateForBusinessConfiguration
• windowsVpnConfiguration
• windowsWifiConfiguration
• windowsWifiEnterpriseEAPConfiguration
• windowsWiredNetworkConfiguration
• windowsZtdnsConfiguration
• deviceManagementComplianceActionItem
• deviceManagementCompliancePolicy
• deviceManagementComplianceScheduledActionForRule
• deviceManagementConfigurationCategory
• deviceManagementConfigurationChoiceSettingCollectionDefinition
• deviceManagementConfigurationChoiceSettingDefinition
• deviceManagementConfigurationPolicy
• deviceManagementConfigurationPolicyTemplate
• deviceManagementConfigurationRedirectSettingDefinition
• deviceManagementConfigurationSetting
• deviceManagementConfigurationSettingDefinition
• deviceManagementConfigurationSettingGroupCollectionDefinition
• deviceManagementConfigurationSettingGroupDefinition
• deviceManagementConfigurationSettingTemplate
• deviceManagementConfigurationSimpleSettingCollectionDefinition
• deviceManagementConfigurationSimpleSettingDefinition
• deviceManagementReusablePolicySetting
• deviceManagementTemplateInsightsDefinition
• deviceManagementAbstractComplexSettingDefinition
• deviceManagementAbstractComplexSettingInstance
• deviceManagementBooleanSettingInstance
• deviceManagementCollectionSettingDefinition
• deviceManagementCollectionSettingInstance
• deviceManagementComplexSettingDefinition
• deviceManagementComplexSettingInstance
• deviceManagementIntegerSettingInstance
• deviceManagementIntent
• deviceManagementIntentAssignment
• deviceManagementIntentCustomizedSetting
• deviceManagementIntentDeviceSettingStateSummary
• deviceManagementIntentDeviceState
• deviceManagementIntentDeviceStateSummary
• deviceManagementIntentSettingCategory
• deviceManagementIntentUserState
• deviceManagementIntentUserStateSummary
• deviceManagementSettingCategory
• deviceManagementSettingComparison
• deviceManagementSettingDefinition
• deviceManagementSettingInstance
• deviceManagementStringSettingInstance
• deviceManagementTemplate
• deviceManagementTemplateSettingCategory
• securityBaselineCategoryStateSummary
• securityBaselineDeviceState
• securityBaselineStateSummary
• securityBaselineTemplate
• applePushNotificationCertificate
• appLogCollectionDownloadDetails
• appLogCollectionRequest
• bulkManagedDeviceActionResult
• cloudPCConnectivityIssue
• comanagedDevicesSummary
• comanagementEligibleDevice
• comanagementEligibleDevicesSummary
• dataSharingConsent
• detectedApp
• deviceAssignmentItem
• deviceComplianceScript
• deviceComplianceScriptDeviceState
• deviceComplianceScriptRunSummary
• deviceCustomAttributeShellScript
• deviceHealthScript
• deviceHealthScriptAssignment
• deviceHealthScriptDeviceState
• deviceHealthScriptParameter
• deviceHealthScriptPolicyState
• deviceHealthScriptRemediationHistory
• deviceHealthScriptRemediationSummary
• deviceHealthScriptRunSchedule
• deviceHealthScriptRunSummary
• intune-devices-devicehealthscripttype
• deviceLocalAdminAccountDetail
• deviceLogCollectionResponse
• deviceManagementScriptAssignment
• deviceManagementScriptDeviceState
• deviceManagementScriptGroupAssignment
• deviceManagementScriptRunSummary
• deviceManagementScriptUserState
• deviceScopeActionResult
• deviceShellScript
• intune-devices-globaldevicehealthscriptstate
• macOSManagedDeviceLocalAdminAccountDetail
• malwareStateForWindowsDevice
• managedDevice
• managedDeviceCleanupRule
• managedDeviceOverview
• intune-devices-manageddeviceremoteaction
• powerliftAppDiagnosticDownloadRequest
• powerliftDownloadRequest
• powerliftIncidentDetail
• powerliftIncidentMetadata
• privilegeManagementElevation
• intune-devices-remediationstate
• remoteActionAudit
• tenantAttachRBAC
• tenantAttachRBACState
• userExperienceAnalyticsAnomaly
• userExperienceAnalyticsAnomalyCorrelationGroupOverview
• userExperienceAnalyticsAnomalyDevice
• userExperienceAnalyticsAppHealthApplicationPerformance
• userExperienceAnalyticsAppHealthAppPerformanceByAppVersion
• userExperienceAnalyticsAppHealthAppPerformanceByAppVersionDetails
• userExperienceAnalyticsAppHealthAppPerformanceByAppVersionDeviceId
• userExperienceAnalyticsAppHealthAppPerformanceByOSVersion
• userExperienceAnalyticsAppHealthDeviceModelPerformance
• userExperienceAnalyticsAppHealthDevicePerformance
• userExperienceAnalyticsAppHealthDevicePerformanceDetails
• userExperienceAnalyticsAppHealthOSVersionPerformance
• userExperienceAnalyticsBaseline
• userExperienceAnalyticsBatteryHealthAppImpact
• userExperienceAnalyticsBatteryHealthCapacityDetails
• userExperienceAnalyticsBatteryHealthDeviceAppImpact
• userExperienceAnalyticsBatteryHealthDevicePerformance
• userExperienceAnalyticsBatteryHealthDeviceRuntimeHistory
• userExperienceAnalyticsBatteryHealthModelPerformance
• userExperienceAnalyticsBatteryHealthOsPerformance
• userExperienceAnalyticsBatteryHealthRuntimeDetails
• userExperienceAnalyticsCategory
• userExperienceAnalyticsDevicePerformance
• userExperienceAnalyticsDeviceScope
• userExperienceAnalyticsDeviceScopeSummary
• userExperienceAnalyticsDeviceScores
• userExperienceAnalyticsDeviceStartupHistory
• userExperienceAnalyticsDeviceStartupProcess
• userExperienceAnalyticsDeviceStartupProcessPerformance
• userExperienceAnalyticsDeviceTimelineEvents
• userExperienceAnalyticsDeviceWithoutCloudIdentity
• userExperienceAnalyticsImpactingProcess
• userExperienceAnalyticsMetric
• userExperienceAnalyticsMetricHistory
• userExperienceAnalyticsModelScores
• userExperienceAnalyticsNotAutopilotReadyDevice
• userExperienceAnalyticsOverview
• userExperienceAnalyticsRegressionSummary
• userExperienceAnalyticsRemoteConnection
• userExperienceAnalyticsResourcePerformance
• userExperienceAnalyticsScoreHistory
• intune-devices-userexperienceanalyticssummarizedby
• userExperienceAnalyticsWorkFromAnywhereDevice
• userExperienceAnalyticsWorkFromAnywhereHardwareReadinessMetric
• userExperienceAnalyticsWorkFromAnywhereMetric
• userExperienceAnalyticsWorkFromAnywhereModelPerformance
• windowsDeviceMalwareState
• windowsMalwareInformation
• windowsManagedDevice
• windowsManagementApp
• windowsManagementAppHealthState
• windowsProtectionState
• activeDirectoryWindowsAutopilotDeploymentProfile
• appleEnrollmentProfileAssignment
• appleUserInitiatedEnrollmentProfile
• azureADWindowsAutopilotDeploymentProfile
• deletedWindowsAutopilotDeviceState
• depEnrollmentBaseProfile
• depEnrollmentProfile
• depIOSEnrollmentProfile
• depMacOSEnrollmentProfile
• depOnboardingSetting
• depTvOSEnrollmentProfile
• depVisionOSEnrollmentProfile
• enrollmentProfile
• importedAppleDeviceIdentity
• importedAppleDeviceIdentityResult
• importedDeviceIdentity
• importedDeviceIdentityResult
• importedWindowsAutopilotDeviceIdentity
• suggestedEnrollmentLimit
• windowsAutopilotDeploymentProfileAssignment
• windowsAutopilotDeviceIdentity
• windowsAutopilotSettings
• privilegeManagementElevationRequest
• embeddedSIMActivationCodePool
• embeddedSIMActivationCodePoolAssignment
• embeddedSIMDeviceState
• deviceAndAppManagementAssignment
• deviceAndAppManagementDeployment
• intune-gntgraphservice-deviceandappmanagementdeploymentaction
• deviceAndAppManagementDeploymentPlan
• deviceAndAppManagementDeploymentRing
• deviceAndAppManagementRingAssignmentConfiguration
• deviceManagementPayloadConflictSetting
• groupPolicyMigrationReport
• groupPolicyObjectFile
• groupPolicySettingMapping
• unsupportedGroupPolicyExtension
• deviceManagementReports
• groupPolicyCategory
• groupPolicyConfiguration
• groupPolicyConfigurationAssignment
• groupPolicyDefinition
• groupPolicyDefinitionFile
• groupPolicyDefinitionValue
• groupPolicyOperation
• groupPolicyPresentation
• groupPolicyPresentationCheckBox
• groupPolicyPresentationComboBox
• groupPolicyPresentationDecimalTextBox
• groupPolicyPresentationDropdownList
• groupPolicyPresentationListBox
• groupPolicyPresentationLongDecimalTextBox
• groupPolicyPresentationMultiTextBox
• groupPolicyPresentationText
• groupPolicyPresentationTextBox
• groupPolicyPresentationValue
• groupPolicyPresentationValueBoolean
• groupPolicyPresentationValueDecimal
• groupPolicyPresentationValueList
• groupPolicyPresentationValueLongDecimal
• groupPolicyPresentationValueMultiText
• groupPolicyPresentationValueText
• groupPolicyUploadedCategory
• groupPolicyUploadedDefinition
• groupPolicyUploadedDefinitionFile
• groupPolicyUploadedPresentation
• androidManagedAppRegistration
• defaultManagedAppProtection
• deviceManagementConfigurationChoiceSettingCollectionDefinition
• deviceManagementConfigurationSetting
• deviceManagementConfigurationSettingGroupCollectionDefinition
• deviceManagementConfigurationSimpleSettingCollectionDefinition
• deviceManagementReports
• iosManagedAppRegistration
• managedAppConfiguration
• managedAppDiagnosticStatus
• managedAppLogCollectionRequest
• managedAppOperation
• managedAppPolicy
• managedAppPolicyDeploymentSummary
• managedAppProtection
• managedAppRegistration
• managedAppStatus
• managedAppStatusRaw
• managedMobileApp
• targetedManagedAppPolicyAssignment
• targetedManagedAppProtection
• windowsInformationProtection
• windowsInformationProtectionAppLockerFile
• windowsInformationProtectionDeviceRegistration
• windowsInformationProtectionPolicy
• windowsInformationProtectionWipeAction
• windowsManagedAppProtection
• windowsManagedAppRegistration
• metricTimeSeriesDataPoint
• microsoftTunnelConfiguration
• microsoftTunnelHealthThreshold
• microsoftTunnelServer
• microsoftTunnelServerLogCollectionResponse
• microsoftTunnelSite
• localizedNotificationMessage
• notificationMessageTemplate
• deviceManagementDomainJoinConnector
• complianceManagementPartner
• deviceAndAppManagementData
• deviceAppManagement
• deviceComanagementAuthorityConfiguration
• deviceEnrollmentLimitConfiguration
• deviceEnrollmentNotificationConfiguration
• deviceEnrollmentPlatformRestrictionConfiguration
• deviceEnrollmentPlatformRestrictionsConfiguration
• deviceEnrollmentWindowsHelloForBusinessConfiguration
• deviceManagementExchangeConnector
• deviceManagementExchangeOnPremisesPolicy
• deviceManagementPartner
• enrollmentConfigurationAssignment
• mobileThreatDefenseConnector
• onPremisesConditionalAccessSettings
• organization
• sideLoadingKey
• user
• vppToken
• windows10EnrollmentCompletionPageConfiguration
• windowsRestoreDeviceEnrollmentConfiguration
• assignmentFilterEvaluateRequest
• assignmentFilterState
• assignmentFilterStatusDetails
• assignmentFilterSupportedProperty
• deviceAndAppManagementAssignmentFilter
• deviceAppManagement
• deviceCompliancePolicyPolicySetItem
• deviceConfigurationPolicySetItem
• deviceManagementConfigurationPolicyPolicySetItem
• deviceManagementScriptPolicySetItem
• intune-policyset-deviceplatformtype
• enrollmentRestrictionsConfigurationPolicySetItem
• hasPayloadLinkResultItem
• iosLobAppProvisioningConfigurationPolicySetItem
• managedAppProtectionPolicySetItem
• managedDeviceMobileAppConfigurationPolicySetItem
• mdmWindowsInformationProtectionPolicyPolicySetItem
• mobileAppPolicySetItem
• payloadCompatibleAssignmentFilter
• policySet
• policySetAssignment
• policySetItem
• targetedManagedAppConfigurationPolicySetItem
• windows10EnrollmentCompletionPageConfigurationPolicySetItem
• windowsAutopilotDeploymentProfilePolicySetItem
• certificateConnectorDetails
• certificateConnectorHealthMetricValue
• onPremEncryptedPayload
• pfxRecryptionRequest
• pfxUserCertificate
• timeSeriesParameter
• userPFXCertificate
• deviceAndAppManagementAssignedRoleDetail
• deviceAndAppManagementAssignedRoleDetails
• deviceAndAppManagementRoleAssignment
• deviceAndAppManagementRoleDefinition
• operationApprovalPolicy
• operationApprovalPolicySet
• operationApprovalRequest
• operationApprovalRequestEntityStatus
• intune-rbac-operationapprovalsource
• rbacApplicationMultiple
• resourceOperation
• roleAssignment
• roleDefinition
• roleManagement
• rolePermission
• roleScopeTag
• roleScopeTagAutoAssignment
• deviceManagementReports
• remoteAssistancePartner
• remoteAssistanceSettings
• deviceManagementCachedReportConfiguration
• deviceManagementExportJob
• deviceManagementReports
• deviceManagementReportSchedule
• androidManagedAppProtection
• deviceAndAppManagementAssignmentTarget
• deviceAppManagement
• deviceCategory
• deviceCompliancePolicy
• deviceConfiguration
• deviceEnrollmentConfiguration
• deviceManagementConfigurationChoiceSettingDefinition
• deviceManagementConfigurationRedirectSettingDefinition
• deviceManagementConfigurationSettingDefinition
• deviceManagementConfigurationSettingGroupDefinition
• deviceManagementConfigurationSimpleSettingDefinition
• deviceManagementDerivedCredentialSettings
• deviceManagementScript
• enrollmentTimeDeviceMembershipTarget
• enrollmentTimeDeviceMembershipTargetResult
• iosLobAppProvisioningConfiguration
• iosManagedAppProtection
• keyLongValuePair
• mdmWindowsInformationProtectionPolicy
• mobileApp
• mobileAppTroubleshootingEvent
• report
• reportRoot
• intune-shared-runasaccounttype
• intune-shared-runstate
• targetedManagedAppConfiguration
• user
• windowsAutopilotDeploymentProfile
• windowsDomainJoinConfiguration
• windowsUpdateState
• bulkCatalogItemActionResult
• bulkDriverActionResult
• intune-softwareupdate-driverapprovalaction
• windowsDriverUpdateInventory
• windowsDriverUpdateProfile
• windowsDriverUpdateProfileAssignment
• windowsFeatureUpdateCatalogItem
• windowsFeatureUpdateProfile
• windowsFeatureUpdateProfileAssignment
• windowsQualityUpdateCatalogItem
• windowsQualityUpdateCatalogItemPolicyDetail
• windowsQualityUpdatePolicy
• intune-softwareupdate-windowsqualityupdatepolicyactiontype
• windowsQualityUpdatePolicyAssignment
• windowsQualityUpdateProfile
• windowsQualityUpdateProfileAssignment
• windowsUpdateCatalogItem
• appleVppTokenTroubleshootingEvent
• deviceManagementAutopilotEvent
• deviceManagementTroubleshootingEvent
• enrollmentTroubleshootingEvent
• managedDeviceSummarizedAppState
• mobileAppIntentAndState
• aggregatedPolicyCompliance
• deviceCompliancePolicySettingStateSummary

Graph reference: androidAppConfigurationSchema

Property	Type	Description
id	String	Key of the entity the application configuration schema corresponds to
exampleJson	Binary	UTF8 encoded byte array containing example JSON string conforming to this schema that demonstrates how to set the configuration for this app
schemaItems	appConfigurationSchemaItemType collection	Collection of items each representing a named configuration option in the schema. It only contains the root-level configuration.
nestedSchemaItems	appConfigurationSchemaItemType collection	Collection of items each representing a named configuration option in the schema. It contains a flat list of all configuration.