Summary
The following REST API call is to get the InTune report data for the tenant.
# The API is a REST call with the request body to get the report CSV file.
https://graph.microsoft.com/beta/deviceManagement/reports/exportJobsPlease refer here for more details on the API.
Step By Step Solution
Step # 1 Create an Azure AD app with the MS Graph “DeviceManagementManagedDevices.Read.All” permission.
Please note the Application ID, Secret, and Tenant ID. You will need these three pieces of information in the PowerShell Script.
Step # 2 Using PowerShell run the following script.
# Init Variables
$outputPath = "C:\Hold"
$outputCSVPath = "C:\Hold\EAWFAreport.zip" #might need changed
$ApplicationID = "TOBE CHANGED"
$TenantID = "TOBE CHANGED"
$AccessSecret = "TOBE CHANGED"
#Create an hash table with the required value to connect to Microsoft graph
$Body = @{
grant_type = "client_credentials"
scope = "https://graph.microsoft.com/.default"
client_id = $ApplicationID
client_secret = $AccessSecret
}
#Connect to Microsoft Graph REST web service
$ConnectGraph = Invoke-RestMethod -Uri https://login.microsoftonline.com/$TenantID/oauth2/v2.0/token -Method POST -Body $Body
#Endpoint Analytics Graph API
$GraphGroupUrl = "https://graph.microsoft.com/beta/deviceManagement/reports/exportJobs"
# define request body as PS Object
$requestBody = @{
reportName = "Devices"
select = @(
"DeviceId"
"DeviceName"
"SerialNumber"
"ManagedBy"
"Manufacturer"
"Model"
"GraphDeviceIsManaged"
)
}
# Convert to PS Object to JSON object
$requestJSONBody = ConvertTo-Json $requestBody
#define header, use the token from the above rest call to AAD.
# in post method define the body is of type JSON using content-type property.
$headers = @{
'Authorization' = $(“{0} {1}” -f $ConnectGraph.token_type,$ConnectGraph.access_token)
'Accept' = 'application/json;'
'Content-Type' = "application/json"
}
#This API call will start a process in the background to #download the file.
$webResponse = Invoke-RestMethod $GraphGroupUrl -Method 'POST' -Headers $headers -Body $requestJSONBody -verbose
#If the call is a success, proceed to get the CSV file.
if ( -not ( $null -eq $webResponse ) )
{
#Check status of export (GET) until status = complete
do
{
#format the URL to make a next call to get the file location.
$url2GetCSV = $("https://graph.microsoft.com/beta/deviceManagement/reports/exportJobs('{0}')" -f $webResponse.id)
"Calling $url2GetCSV"
$responseforCSV = Invoke-RestMethod $url2GetCSV -Method 'GET' -Headers $headers -verbose
if (( -not ( $null -eq $responseforCSV ) ) -and ( $responseforCSV.status -eq "completed"))
{
#download CSV from "URL=" to OutputCSVPath
#### It means the completed status is true, now get the file.
Invoke-WebRequest -Uri $responseforCSV.url -OutFile $outputCSVPath
# Un Zip the file.
Expand-Archive -LiteralPath $outputCSVPath -DestinationPath $outputPath
}
{
Write-Host "Still in progress..."
}
Start-Sleep -Seconds 10 # Delay for 10 seconds.
} While (( -not ( $null -eq $responseforCSV ) ) -and ( $responseforCSV.status -eq "inprogress"))
}
After this PowerShell script call, you should see the Zip and CSV files in the C:\Hold Folder.
Conclusion
The above steps will help you to get the InTune reports data file. The API still in the beta if anything changes I will update this post.
Pankaj Surti's Blog 
Thanks Pankaj it is greate stuff.
could you please help me to attached a file from system drive and email using graph API .
I am unable to attched the file from system drive while email using graph API.
Hi, thanks for this great stuff. But I’m having an issue with this powershell script.
When I run it, it throws up an error:
Invoke-RestMethod : The remote server returned an error: (401) Unauthorized.
What do you think might be the issue?
Thanks