This is a continuation of a series of articles on Azure services from an operational engineering perspective with the most recent introduction to Microsoft 365 with the link here. The previous article mentioned Microsoft 365 with its broad capabilities. This article discusses its usage with Intune and Microsoft Graph. 

Microsoft 365 for enterprise is a complete, intelligent solution that empowers everyone to be creative and work together securely. It is designed for large organizations, but it can also be used for medium-sized and small businesses that need the most advanced security and productivity capabilities.  Microsoft Intune manages devices and applications. Configuration Manager manages software installations, updates, and settings on the devices. Endpoint Analytics determines the update readiness of the windows clients. Windows Autopilot sets up and pre-configures Windows devices.

Microsoft Intune APIs serve to expose all features of Microsoft Intune for programmatic access. They can be used to define and enforce compliance policies, protect company data, create and deploy device configuration policies, create and deploy device access control policies, and perform remote actions to manage devices. They can be used to deploy apps to devices, manage access to eBooks, and define and deploy app configuration settings, app protection settings, and app usage policies. They can be used to automate defining and assigning role-based access control, auditing and reporting compliance, usage and access and managing telecom expenses. All the Intune APIs are made available via Microsoft Graph. 

Microsoft Graph enables integration with the best of Microsoft 365, Windows 10 and Enterprise mobility and security services in Microsoft 365, using a standard set of REST APIs and client libraries for all data sources that makes it convenient for developers to seamlessly integrate different data sources. It uses the concepts of users and groups to elaborate on these functionalities.  A user is an individual who uses Microsoft 365 cloud services and for Microsoft Graph, it is the focus for which the identity is protected, and access is well managed. The data associated with this entity and the opportunities to enrich the context, provide real-time information, and deep insights are what makes Microsoft Graph so popular. A group is the fundamental entity that lets users collaborate and integrate with other services which enable scenarios for task planning, teamwork, education and more.  

By providing a common API framework to expose device management and application management capabilities to developers for building mobility and security services using Microsoft 365, the combination of Intune, Microsoft 365 and Graph provides unparalleled capabilities. With these capabilities, IT professionals managing on-site, and cloud-based infrastructure enable hybrid worker productivity. Those workers can access cloud-based service and data in their Microsoft 365 subscription and organizational resources anytime and from anywhere. Their sign-ins are secured, and their applications and devices can be managed with cloud security. The hybrid workers can be as productive and collaborative as on-premises.