There is an updated list of permissions in the ClearPass Intune Integration online documentation.
The Application permissions are probably not used anymore; and for the permissions there is a note on what they are used for. The Write permissions are mostly for PostAuth enforcement, so if you would like to wipe/lock a device based on what happens during the ClearPass authentication. If you don't use that, Read-only should be good, but check the documentation for the most recent information.
------------------------------
Herman Robers
------------------------
If you have urgent issues, always contact your HPE Aruba Networking partner, distributor, or Aruba TAC Support. Check
https://www.arubanetworks.com/support-services/contact-support/ for how to contact HPE Aruba Networking TAC. Any opinions expressed here are solely my own and not necessarily that of Hewlett Packard Enterprise or HPE Aruba Networking.
In case your problem is solved, please invest the time to post a follow-up with the information on how you solved it. Others can benefit from that.
------------------------------
Original Message:
Sent: Mar 12, 2025 06:52 AM
From: peter.elms
Subject: Intune API permissions
hi Airheads,
quick question about Intune API permissions.
The document i have says to enable all the following in Intune configuration :-
customer is asking whether the "Application.ReadWrite.All" is necessary as it says "read-write all applications ?
They have disabled that feature and the enpoint updates still seems to work , but i was wondering whether Aruba would still support this ?
cheers
Pete
