Home
Alerts, reporting, troubleshooting
Integrations
In this collection of topics, you will learn how to troubleshoot problems with Portnox Cloud integrations such as those with authentication repositories, endpoint management solutions, and more.
Intune: App permissions
In this topic, you will learn what minimum permissions are needed in Microsoft Intune and Azure for the Portnox™ Cloud app to work correctly.

Alerts, reporting, troubleshooting
- Portnox Cloud alerts
  In this topic, you will learn what are alerts in Portnox™ Cloud, where to find them, and how to use them effectively.
- AAA Logs
  In this topic, you will learn what are AAA logs in Portnox™ Cloud, where to find them, and how to use them effectively.
- Reporting service
  In this topic, you will learn what is the Portnox™ Cloud reporting service and how to download and/or schedule different types of reports.
- Monitoring mode
  In this collection of topics, you will learn how to use the monitoring mode to safely onboard devices without risking the loss of network access.
- Portnox Cloud onboarding
  In this collection of topics, you will learn how to troubleshoot problems with onboarding devices to a network managed by Portnox™ Cloud.
- Portnox Active Directory Broker
  In this collection of topics, you will learn how to troubleshoot problems with the installation and operation of the Portnox™ Active Directory Broker.
- Portnox AgentP
  In this collection of topics, you will learn how to troubleshoot problems with the installation and operation of the Portnox™ AgentP.
- Local RADIUS/TACACS+ instances
  In this collection of topics, you will learn how to troubleshoot problems with the operation of the local RADIUS/TACACS+ instances.
- Integrations
  In this collection of topics, you will learn how to troubleshoot problems with Portnox Cloud integrations such as those with authentication repositories, endpoint management solutions, and more.
  - Intune: App permissions
    In this topic, you will learn what minimum permissions are needed in Microsoft Intune and Azure for the Portnox™ Cloud app to work correctly.
- Conditional Access for Applications
  In this collection of topics, you will learn how to troubleshoot problems with Portnox Conditional Access to Applications.

Microsoft Intune/Azure permissions for the Portnox Cloud app

In this topic, you will learn what minimum permissions are needed in Microsoft Intune and Azure for the Portnox™ Cloud app to work correctly.

Microsoft Azure:

AzureApplication.Read.All: Required for the app to perform SCEP validations.
Device.Read.All: Required for the app to get the following variables: Id, DisplayName, DeviceId, DeviceVersion, IsCompliant, IsManaged, OperatingSystem, OperatingSystemVersion, Model, Manufacturer, Imei, Meid, SerialNumber, MacAddress.
DeviceManagementManagedDevices.Read.All: Required for the app to reference the Azure device ids from the Intune device ids.
Group.Read.All: Required for the app to get the following variables: Id, MailNickname, Description, DisplayName, MemberOf, Members.
ServicePrincipalEndpoint.Read.All: Required for the app to get a list of Intune endpoints in the tenant’s Azure directory.
User.Read.All: Required for the app to get the following variables: Id, UserPrincipalName, Mail, MailNickname, AccountEnabled, DeviceOwners, DeviceUsers.

Microsoft Intune:

scep_challenge_provider: Required only if you use SCEP. It lets the Portnox Cloud service validate that SCEP requests originated from Intune.
get_device_compliance: Required to allow the app to find Intune devices by their MAC address.