A Python script to sync Microsoft Intune managed devices into Snipe-IT, with the ability to filter by device platform.
- Fetch Intune managed devices via Microsoft Graph API
- Normalize Android-Enterprise UPNs
- Auto-create Snipe-IT categories, manufacturers, and models
- Import devices into Snipe-IT with correct
manufacturer_id,model_id,category_id, and status label - Check out assets to existing Snipe-IT users
--dry-runmode to preview actions without writing--platformflag to limit sync to one of:windows,android,ios,macos, orall
- Python 3.7+
- Azure AD App Registration with Application permissions:
DeviceManagementManagedDevices.Read.AllUser.Read.All(if user info is fetched)
- Snipe-IT API credentials with write access
- Clone this repository:
git clone https://github.com/yourorg/intune-snipe-sync.git cd intune-snipe-sync - Install dependencies:
pip install msal requests
Set environment variables (or add to .env):
export AZURE_TENANT_ID="<your-tenant-guid>"
export AZURE_CLIENT_ID="<your-client-id>"
export AZURE_CLIENT_SECRET="<your-client-secret>"
export SNIPEIT_URL="https://my-snipeit.example.com/api/v1"
export SNIPEIT_API_TOKEN="<your-snipeit-api-token>"
export SNIPEIT_DEFAULT_STATUS="Ready to Deploy"Preview actions without writing to Snipe-IT:
python3 app.py --dry-run --platform windowsSync devices (all platforms by default):
python3 app.pySync only Android devices:
python3 app.py --platform android- Fetch Intune devices (filtering by
--platform) via Graph API. - Ensure Snipe-IT has an
Intunecategory, the default status label exists, and models/manufacturers are created. - Create hardware assets in Snipe-IT and check them out to users if assigned.
- 403 Forbidden: Ensure your Azure AD app has appropriate Graph permissions and admin consent.
- Missing fields: Verify your Snipe-IT instance has categories, models, and status labels enabled.
- Status label not found: Check
SNIPEIT_DEFAULT_STATUSmatches exactly an existing label.
Feel free to open issues or submit PRs.