Forum Discussion

mvolkmann's avatar
mvolkmann
Copper Contributor
Dec 02, 2024

Get List of Apps from single devices (Powershell)

Hello everyone,

i'm currently looking for a way to use msgraph to run a query in Intune to determine which apps are assigned to a device. The idea is that when a device is changed, all the apps used can be made available to the user on the new device.

A large proportion are of course assigned via groups, but there are also many company-specific applications that cannot be assigned in this way.

The most promising post so far has been the following article "https://practical365.com/using-powershell-to-install-apps-on-endpoints/", but this initially records all apps and then sorts them to the devices.

Does anyone have an alternative to this?

Many thanks in advance for any tips and advice.

Graph API
Intune

1 Reply

  • Ankido's avatar
    Ankido
    Iron Contributor
    Dec 03, 2024

    The script connects to Microsoft Graph, retrieves the apps assigned to a specific device, and exports the data into a CSV file if you want to export to CSV otherwise you can delet this step:

    # Import the Microsoft Graph PowerShell module
    Import-Module Microsoft.Graph

    # Connect to Microsoft Graph with the necessary permissions
    # Make sure the app has permissions: DeviceManagementApps.Read.All and DeviceManagementManagedDevices.Read.All
    Connect-MgGraph -Scopes "DeviceManagementApps.Read.All", "DeviceManagementManagedDevices.Read.All"

    # Define the device name for which we want to fetch the app list
    $deviceName = "Device_Name" # Replace with the actual device name

    # Step 1: Get the device ID by searching for the device in Intune
    Write-Host "Fetching device information..."
    $device = Get-MgDeviceManagementManagedDevice -Filter "displayName eq '$deviceName'"

    # Check if the device exists
    if ($null -eq $device) {
        Write-Host "Device not found. Please verify the device name and try again." -ForegroundColor Red
        return
    }

    $deviceId = $device.Id
    Write-Host "Device ID fetched: $deviceId"

    # Step 2: Retrieve the list of all apps managed by Intune
    Write-Host "Fetching app assignments for the device..."
    $allApps = Get-MgDeviceAppManagementMobileApps

    # Step 3: Filter apps that are assigned to the specific device
    $assignedApps = foreach ($app in $allApps) {
        # Check if the app assignments contain the device ID
        foreach ($assignment in $app.Assignments) {
            if ($assignment.Target.DeviceGroupId -eq $deviceId) {
                # Add app details to the output if assigned to the device
                [PSCustomObject]@{
                    DisplayName = $app.DisplayName
                    Publisher   = $app.Publisher
                    Version     = $app.Version
                }
            }
        }
    }

    # Step 4: Check if any apps were found
    if ($assignedApps.Count -eq 0) {
        Write-Host "No apps found for the specified device." -ForegroundColor Yellow
        return
    }

    # Step 5: Export the app list to a CSV file
    $outputFile = "DeviceApps_$deviceName.csv"
    Write-Host "Exporting app list to $outputFile..."
    $assignedApps | Export-Csv -Path $outputFile -NoTypeInformation -Encoding UTF8

    Write-Host "App list exported successfully to $outputFile" -ForegroundColor Green



    Let me know if this helps

Resources