This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(48, 44%, 14%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EPR%3C/text%3E%3C/svg%3E)
I have an Azure app service web app registered with Entra ID. I want determine the name or ID of a managed on-prem device when an authenticated user signs into the Web app, which is running in the browser of the on-prem device. Is this possible? My goal is to display different apps from the Web App UI depending on whether the user accesses the Web app from a managed device or a personal device.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(217.60000000000002, 24%, 31%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EAA%3C/text%3E%3C/svg%3E)
Hello Peter Roddy,
Thanks for your question.
I will suggest Azure AD Conditional Access policies and device compliance information.
You could configure a policy that grants access to the web app only from devices marked as managed in Entra
See: Create a device-based Conditional Access policy
You can also Use compliance policies to set rules for devices you manage with Intune
You can mark it 'Accept Answer' and 'Upvote' if this helped you
Regards,
Abiola
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(278.4, 45%, 36%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EA%3C/text%3E%3C/svg%3E)
Hi @Peter Roddy
Thank you for reaching out!
I understand that you would like to get the ID of a managed device from a registered web app using Graph API.
You can get the List properties and relationships of the managedDevice objects.
Here is an example of the request.
GET https://graph.microsoft.com/v1.0/deviceManagement/managedDevices
GET /deviceManagement/managedDevices
GET /deviceManagement/detectedApps/{detectedAppId}/managedDevices
GET /deviceManagement/detectedApps/{detectedAppId}/managedDevices/{managedDeviceId}/users/{userId}/managedDevices
For more information, please refer https://video2.skills-academy.com/en-us/graph/api/intune-devices-manageddevice-list?view=graph-rest-1.0
Hope this helps. Do let us know if you any further queries.
Thanks,
Akhilesh.
If this answers your query, do click Accept Answer and Yes for was this answer helpful. And, if you have any further query do let us know.
Hi @Peter Roddy
Following up to see if the above answer was helpful. If this answers your query, do click Accept Answer and Yes for was this answer helpful. And, if you have any further query do let us know.
Hi @Peter Roddy Following up to see if the above answer was helpful. If this answers your query, do click Accept Answer and Yes for was this answer helpful. And, if you have any further query do let us know.