Service Graph Connector for Microsoft Intune - Import fails with: Unable to make a connection to Intune via Graph API call - Support and Troubleshooting

Service Graph Connector for Microsoft Intune - Import fails with: Unable to make a connection to Intune via Graph API call Issue After configuring Service Graph Connector for Microsoft Intune ( Set up the Microsoft Intune spoke), th e test fails with the following message: org.mozilla.javascript.JavaScriptException: Error: Unable to make a connection to Intune via Graph API call. Please check your credential configuration. Check the system log for more details. (sys_data_source.59d993927721101077b22344681061c2.data_loader; line 29)

This error occurs despite being able to obtain a token successfully, OAuth configuration being correct, and the MID Server (if used) being able to access the endpoint correctly.

Cause This error could be caused by an issue with the permissions and scopes set on the Azure side of Intune or because of connection issues.

Verify whether the error was caused by a connection issue, such as the connection timing out despite successful authentication.

f there is no connection issue, perform the following steps to verify whether the error was caused by a permissions issue:

1) Verify that the OAuth configuration is correct:

Register Microsoft Intune as an OAuth provider

2) Verify that the Graph API is accessible via the instance without the need for the MID Server.

- Go Navigate to "IntegrationHub" > "Connections"

- Open the "MS Intune Connection"

- Untick the "Use MID Server" box

- Save

3) Perform the Service Graph Connector for the Microsoft Intune test.

4) Check the outbound HTTP calls to confirm if token retrieval was successful and if there was a failure obtaining data.

- Go to "System logs" > "Outbound HTTP Requests"

- You should see two outbound requests to Microsoft

- The request to "https://login.microsoftonline.com/" relates to obtaining the OAuth token. (If you see a 200 status, the token was successful)

- The request to "https://graph.microsoft.com/" relates to obtaining data from Intune. IF this returns a 401 then there is an issue with permissions on the Azure side.

Alternatively, you can use a third-party application such as Postman to first obtain the token from Microsoft and use it to perform a GET request to the following URL

https://graph.microsoft.com/beta/deviceManagement/managedDevices

Resolution If a 401 is being returned from the Microsoft Graph API, the permissions and scopes must be checked on the Microsoft Azure side.

Please refer to the required permissions available here https://www.servicenow.com/docs/bundle/yokohama-servicenow-platform/page/product/configuration-management/task/configure-intune-integration.html

Once complete, perform Service Graph Connector for Microsoft Intune test. If there is data on the Intune side, this data should be successfully imported into the instance.

ref: Intune permission scopes

ref: Microsoft Intune Spoke - Role and Permissions - Fixing "Invalid user name and password 401" error