Motivation

This tool was initially created to learn some C# programming and to better understand the Microsoft Graph API.

...Now fellow workplace engineers have a tool supporting them with powerful automation for various Enterprise Mobility + Security features.

Managing Intune (MEM) and Conditional Access configuration requires a lot of clicking around in the portal. While the author of this tool is daydreaming about of "EM+S" as code the Modern Workplace Concierge automates most of this tasks and provides functionality to import and export configurations. Even across different tenants. So replicating, upating, rolling-back or even migrating you configuration to a new tenant becomes fairly easy.

The Modern Workplace Concierge is open source and proudly presented by Nicola Suter. Made in Switzerland .

GitHub Repository Nicola's tech blog Send email

Permissions

The Modern Workplace Concierge needs the following delegated Microsoft Graph permissions:

  • Application.Read.All
  • DeviceManagementApps.ReadWrite.All
  • DeviceManagementConfiguration.ReadWrite.All
  • DeviceManagementRBAC.ReadWrite.All
  • DeviceManagementServiceConfig.ReadWrite.All
  • Group.ReadWrite.All
  • Policy.Read.All
  • Policy.ReadWrite.ConditionalAccess
  • RoleManagement.Read.Directory
  • User.Read
  • User.ReadBasic.All
Microsoft Graph permissions reference

Instance Details

App Configuration

  • TokenEndpoint: https://login.microsoftonline.com/common/v2.0
  • Application ID: c65c4011-1b90-4ec9-b5e9-1ee17786ad84
  • Redirect URI: https://mwconcierge.azurewebsites.net/
  • Graph Endpoint: https://graph.microsoft.com:443/beta
  • Instance: ModernWorkplaceConcierge/public

Azure DevOps CI