0

I´m trying to create a C# app which will enroll devices into Intune via Microsoft graph API, but after calling graphClient.DeviceManagement.WindowsAutopilotDeviceIdentities.PostAsync(newDevice), It keeps throwing this exception:

No OData route exists that match template ~/singleton/navigation with http verb POST for request /DeviceEnrollmentFE/StatelessDeviceEnrollmentFEService/deviceManagement/windowsAutopilotDeviceIdentities."} Microsoft.Graph.Models.ODataErrors.ODataError

First of all, It is possible to enroll devices into Intune when I use powershell script with same Tenant ID / App ID / App Secret, which I´m using in my C# app.

The problem shouldnt be also caused by unseficcient permissions of an app. In Azure AD, the app has these permissions, all of them with admin consent:

  • DeviceManagementManagedDevices.ReadWrite.All
  • DeviceManagementServiceConfig.ReadWrite.All
  • DeviceManagementApps.ReadWrite.All

List of all permissions

When I was investigating communication with MS server, my app correctly calls and receives Access token from the server. But there are no packet sent after calling the register method:

graphClient.DeviceManagement.WindowsAutopilotDeviceIdentities.PostAsync(newDevice);

and It just throws exception mentioned above.

Does anybody know how to make C# app communicate with MS Intune via Graph API?

Here is a simplified example of code which I´m using:

namespace IntuneTest
{
    public partial class MainWindow : Window
    {
        private GraphServiceClient graphClient;

        public MainWindow()
        {
            InitializeComponent();
            InitializeGraphClient();
        }

        // Initialize Graph Client with ClientSecretCredential for authentication
        private async void InitializeGraphClient()
        {
            var credential = new ClientSecretCredential(
                "TenantID",   // Replace with your Tenant ID
                "AppID",      // Replace with your App ID
                "ClientSecret" // Replace with your Client Secret
            );

            graphClient = new GraphServiceClient(credential, new[] { "https://graph.microsoft.com/.default" });

            var token = await credential.GetTokenAsync(new TokenRequestContext(new[] { "https://graph.microsoft.com/.default" }), CancellationToken.None);
            Debug.WriteLine($"Access Token: {token.Token}");
        }

        // Register a Windows Autopilot device
        private async Task RegisterDeviceAsync()
        {
            try
            {
                var newDevice = new WindowsAutopilotDeviceIdentity
                {
                    SerialNumber = "6WX8WT2",   // Required: Serial number
                    Manufacturer = "Dell Inc.", // Optional
                    Model = "Latitude 5590",    // Optional
                    EnrollmentState = EnrollmentState.Enrolled
                };

                await graphClient.DeviceManagement.WindowsAutopilotDeviceIdentities.PostAsync(newDevice);
                Debug.WriteLine("Device registered.");
                MessageBox.Show("Device registered successfully!", "Success");
            }
            catch (ServiceException ex)
            {
                Debug.WriteLine($"Error: {ex.Message}");
                MessageBox.Show($"Error registering device: {ex.Message}", "Error");
            }
        }

        // Triggered by button click to register the device
        private async void Button_Click(object sender, RoutedEventArgs e)
        {
            await RegisterDeviceAsync();
        }
    }
}

Thank you very much!

Improve this question
1
  • Could you tell me how you could send the request without getting the exception? In the Documentation i could not find any field called DeviceID. Thank you. Commented Jan 8 at 18:38

1 Answer 1

Reset to default
0

To clear things up a bit.

The method you are using is not supposed to register devices in Intune. The method registers devices with Windows Autopilot service. Are you sure this is what you are trying to achieve?

The method is probably failing because your call is missing parameters. According to this article, all 17 properties are required: Create windowsAutopilotDeviceIdentity

Since Device ID is mentioned as one of required properties, the device must already be joined to Entra ID for this to work.

Improve this answer
Sign up to request clarification or add additional context in comments.

1 Comment

You are right - I´m actually trying to register device with Windows Autopilot service, not in Intune. For mentioned method - besides all required parameters, the crucial is Device ID, which should be hash of the parameters of the PC. I found out that the only supported option how to get this hash is with powershell Get-WindowsAutoPilotInfo script, which also registers device with Windows Autopilot in one step. Long story short, most convenient way for registering device with Autopilot is with created tool for that - powershell script. Thanks a bunch for your answer, it helped me the right way.

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.