In this short post, we will explore how to view discovered apps on Intune devices. In addition, we will develop a script to obtain the above apps.
Table of Contents
Discovered apps via Intune Portal
Discovered apps in Intune are a list of all the apps that are detected on Intune-enrolled devices in a tenant. This includes both managed apps and unmanaged apps. Discovered apps can be used to get a software inventory of the devices and to identify apps that you may want to manage.
To view the list of discovered apps, we can go to the Apps > Monitor > Discovered apps page in the Intune admin center.
Discovered apps can be filtered and sorted by a variety of criteria, such as app name, publisher, version, and device type. We can also export the list of discovered apps to a CSV file.
In addition to that we can check the discovered apps for individual devices.
Here are some of the benefits of using discovered apps in Intune:
- Identify apps that need to be managed: We can use the list of discovered apps to identify apps that we may want to manage with Intune. This can help us to improve security and compliance, and to provide a better user experience.
- Track app usage: We can use the list of discovered apps to track how often apps are used on devices. This information can be used to make decisions about which apps to support and which apps to retire.
- Troubleshoot app problems: If users are having problems with an app, we can use the list of discovered apps to gather information about the app, such as the version and the publisher. This information can help us to troubleshoot the problem.
Overall, discovered apps in Intune is a valuable tool that can be used to improve the management of our devices and apps.
Discovered apps via PowerShell
While the out-of-the-box report and the discovered apps blade on individual devices are helpful, they have limitations, such as the inability to easily search or export apps for specific devices. To address this, we can use (what else) PowerShell.
Through Graph API requests, we can obtain the desired information and perform the necessary operations. Below is a script to retrieve discovered apps for a device, which can be customized with additional checks and filters as needed.
Note that we iterate through all returned pages of the request to gather information for every application.
@odata.nextLink is a property returned in some Microsoft Graph API responses that contains a URL to the next page of results. It is returned when the response contains more results than can be returned in a single page.
To get the next page of results, we can make a new request to the URL in the @odata.nextLink property. As in the below script, we can continue to do this until the @odata.nextLink property is no longer returned, which indicates that there are no more results.
Connect-MSGraph
# enter device name
$device = "DESKTOP-22V7417"
# get the device Intune ID
$IntuneID = (Get-IntuneManagedDevice -Filter "deviceName eq '$device'" | select id).id
# Graph api url to get discovered apps
$discoveredAppsUrl = "https://graph.microsoft.com/beta/deviceManagement/manageddevices('$IntuneID')/detectedApps?filter=&top=50"
# perform the request
$apps = Invoke-MSGraphRequest -Url $discoveredAppsUrl -HttpMethod GET
# get all pages returned
$appsNextLink = $apps.'@odata.nextLink'
$allApps = $apps.value
while ($appNextLink){
$apps = Invoke-MSGraphRequest -Url $appNextLink -HttpMethod GET
$appsNextLink = $apps.'@odata.nextLink'
$allApps += $apps.value
}
# iterate through the applications and print them
foreach ($app in $allApps){
Write-Host $app.displayName
}References and documentation:
Check the below posts to find out more interesting relevant topics: