• Get started
  • Documentation

Data Manager - Entra ID Device Adapter

Assets Data Manager for Jira Service Management Cloud is currently rolling out in Open Beta and will be available to all Premium + Enterprise sites by end of October 2024.

Introduction

Entra ID Device is a tool produced by Microsoft that is used for Systems Management.

Entra ID Device uses a API connection to bring data into Assets Data Manager.

The Entra ID Device connector requires you to register an application on the Azure Portal to obtain a Tenant ID, Client ID, and Client Secret. Liaise with your Microsoft Subject Matter Expert for assistance.

How do I connect this tool to Assets Data Manager?

This task requires Data Manager Adapters admin permissions to complete. See how permissions and roles work in Data Manager.

 

Follow this procedure to connect this tool to Assets Data Manager using the custom-built Adapter:

  1. Gather all of the information listed in the Data Manager Fields section, such as the Name, Object class, Data Source Name, and Data Source Type.

  2. Gather all of the information in the Entra ID Device Fields section - this may require consultation with the subject matter expert (SME) for Entra ID-

  3. Within Data Manager:

    1. Create a new job by selecting the Adapter that matches your tool.

    2. Configure all of the required fields with the appropriate information.

  4. Within Entra ID Device:

    1. Follow all of the steps listed in the Authentication and Authorization section to properly configure Authentication and Authorization.

    2. Review the information in the API Call section and fields retrieved.

    3. Review the Fields Retrieved section.

Each time this job is run, the data you have selected will be brought into Data Manager using the configured Adapter and become raw data.

Data Manager Fields

You will need to specify the following information from Assets Data Manager:

  1. Name - the name of the Connection, visible as the job name in Adapters.

  2. Object - the name of the Object Class you want to the data to be loaded into.

  3. Data Source Name - the type of data being created; which is usually the tool name, e.g AD, Qualys etc. Note: This can be the same as Name.

  4. Data Source Type - what type of data is the tool providing? For example, Assets, CMDB, user location and more. The default setting for Entra ID is Azure Directory.

Entra ID Device Fields

You will need to specify the following information from Entra ID Device:

  1. Tenant-ID - a unique identifier that identifies the Entra ID tenant to use for authentication.

  2. Client-ID - a unique identifier to identify the Microsoft application in Entra ID.

  3. Client Secret - a secret string that the application uses to prove it's identity when requesting a token.

  4. API Timeout - the Api Timeout restricts the number of fields returned from the source. By default, the API Timeout is set to 0 for Adapters.

If a timeout occurs, it results in a “500 error” status code with details about the timeout in the response. Timeouts are typically caused by one of two things:

  • the call involves too much data in the Entra ID Devices source

  • there is a network/service issue.

  1. API Limit - the Api Limit field allows the enforcement of the amount of request/quantity of data (or records) to be consumed by the Data Manager and transferred to the back-end staging database.

By default, the API limit is set to 0 for the Adapter – meaning that there are no restrictions. However if connecting to a Entra ID source that is heavily populated with data, the best practice is to limit the rate to 1000.

Authentication and Authorization

Use the standard procedure for Entra ID Devices:

  1. Register the application using the Entra ID Portal to obtain the Tenant ID, Client ID and the Application ID.

  2. Generate the Client Secret to obtain the Client Secret ID.

  3. On the application's Overview page, under Manage, select API Permissions > Add a permission.

  4. Select Microsoft Graph from the list of available APIs. Then add the permission 'Device.Read.All' and grant admin consent.

  5. Select Add Permissions.

API Call

The API call for Entra ID Device is: Device.Read.All.

Fields Retrieved

The following fields are retrieved:

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 Id DeviceId ExternalSourceName OnPremisesLastSyncDateTime DeletedDateTime DeviceMetadata IsCompliant OnPremisesSyncEnabled AccountEnabled DeviceOwnership IsManaged OperatingSystem ApproximateLastSignInDateTime DeviceVersion IsRooted OperatingSystemVersion ComplianceExpirationDateTime DisplayName ManagementType ProfileType ComplianceExpirationDateTime DomainName Manufacturer RegistrationDateTime ComplianceExpirationDateTime EnrollmentProfileName MdmAppId SourceType DeviceCategory EnrollmentType Model TrustType

Still need help?

The Atlassian Community is here for you.