naftiko: 1.0.0-alpha2 info: label: Microsoft Intune Graph API — Managed Devices description: 'Microsoft Intune Graph API — Managed Devices. 11 operations. Lead operation: Microsoft Intune List managed devices. Self-contained Naftiko capability covering one Microsoft Intune business surface.' tags: - Microsoft Intune - Managed Devices created: '2026-05-19' modified: '2026-05-19' binds: - namespace: env keys: MICROSOFT_INTUNE_API_KEY: MICROSOFT_INTUNE_API_KEY capability: consumes: - type: http namespace: microsoft-intune-managed-devices baseUri: https://graph.microsoft.com/v1.0 description: Microsoft Intune Graph API — Managed Devices business capability. Self-contained, no shared references. resources: - name: deviceManagement-managedDevices path: /deviceManagement/managedDevices operations: - name: listmanageddevices method: GET description: Microsoft Intune List managed devices outputRawFormat: json outputParameters: - name: result type: object value: $. - name: createmanageddevice method: POST description: Microsoft Intune Create managed device outputRawFormat: json outputParameters: - name: result type: object value: $. inputParameters: - name: body in: body type: object description: Request body (JSON). required: true - name: deviceManagement-managedDevices-managedDeviceId path: /deviceManagement/managedDevices/{managedDeviceId} operations: - name: getmanageddevice method: GET description: Microsoft Intune Get managed device outputRawFormat: json outputParameters: - name: result type: object value: $. - name: updatemanageddevice method: PATCH description: Microsoft Intune Update managed device outputRawFormat: json outputParameters: - name: result type: object value: $. inputParameters: - name: body in: body type: object description: Request body (JSON). required: true - name: deletemanageddevice method: DELETE description: Microsoft Intune Delete managed device outputRawFormat: json outputParameters: - name: result type: object value: $. - name: deviceManagement-managedDevices-managedDeviceId-rebootNow path: /deviceManagement/managedDevices/{managedDeviceId}/rebootNow operations: - name: rebootmanageddevice method: POST description: Microsoft Intune Reboot a device outputRawFormat: json outputParameters: - name: result type: object value: $. - name: deviceManagement-managedDevices-managedDeviceId-remoteLock path: /deviceManagement/managedDevices/{managedDeviceId}/remoteLock operations: - name: remotelockmanageddevice method: POST description: Microsoft Intune Remote lock a device outputRawFormat: json outputParameters: - name: result type: object value: $. - name: deviceManagement-managedDevices-managedDeviceId-resetPasscode path: /deviceManagement/managedDevices/{managedDeviceId}/resetPasscode operations: - name: resetpasscodemanageddevice method: POST description: Microsoft Intune Reset device passcode outputRawFormat: json outputParameters: - name: result type: object value: $. - name: deviceManagement-managedDevices-managedDeviceId-retire path: /deviceManagement/managedDevices/{managedDeviceId}/retire operations: - name: retiremanageddevice method: POST description: Microsoft Intune Retire a device outputRawFormat: json outputParameters: - name: result type: object value: $. - name: deviceManagement-managedDevices-managedDeviceId-syncDevice path: /deviceManagement/managedDevices/{managedDeviceId}/syncDevice operations: - name: syncmanageddevice method: POST description: Microsoft Intune Sync a device outputRawFormat: json outputParameters: - name: result type: object value: $. - name: deviceManagement-managedDevices-managedDeviceId-wipe path: /deviceManagement/managedDevices/{managedDeviceId}/wipe operations: - name: wipemanageddevice method: POST description: Microsoft Intune Wipe a device outputRawFormat: json outputParameters: - name: result type: object value: $. inputParameters: - name: body in: body type: object description: Request body (JSON). required: false authentication: type: bearer token: '{{env.MICROSOFT_INTUNE_API_KEY}}' exposes: - type: rest namespace: microsoft-intune-managed-devices-rest port: 8080 description: REST adapter for Microsoft Intune Graph API — Managed Devices. One Spectral-compliant resource per consumed operation, prefixed with /v1. resources: - path: /v1/devicemanagement/manageddevices name: devicemanagement-manageddevices description: REST surface for deviceManagement-managedDevices. operations: - method: GET name: listmanageddevices description: Microsoft Intune List managed devices call: microsoft-intune-managed-devices.listmanageddevices outputParameters: - type: object mapping: $. - method: POST name: createmanageddevice description: Microsoft Intune Create managed device call: microsoft-intune-managed-devices.createmanageddevice with: body: rest.body outputParameters: - type: object mapping: $. - path: /v1/devicemanagement/manageddevices/{manageddeviceid} name: devicemanagement-manageddevices-manageddeviceid description: REST surface for deviceManagement-managedDevices-managedDeviceId. operations: - method: GET name: getmanageddevice description: Microsoft Intune Get managed device call: microsoft-intune-managed-devices.getmanageddevice outputParameters: - type: object mapping: $. - method: PATCH name: updatemanageddevice description: Microsoft Intune Update managed device call: microsoft-intune-managed-devices.updatemanageddevice with: body: rest.body outputParameters: - type: object mapping: $. - method: DELETE name: deletemanageddevice description: Microsoft Intune Delete managed device call: microsoft-intune-managed-devices.deletemanageddevice outputParameters: - type: object mapping: $. - path: /v1/devicemanagement/manageddevices/{manageddeviceid}/rebootnow name: devicemanagement-manageddevices-manageddeviceid-rebootnow description: REST surface for deviceManagement-managedDevices-managedDeviceId-rebootNow. operations: - method: POST name: rebootmanageddevice description: Microsoft Intune Reboot a device call: microsoft-intune-managed-devices.rebootmanageddevice outputParameters: - type: object mapping: $. - path: /v1/devicemanagement/manageddevices/{manageddeviceid}/remotelock name: devicemanagement-manageddevices-manageddeviceid-remotelock description: REST surface for deviceManagement-managedDevices-managedDeviceId-remoteLock. operations: - method: POST name: remotelockmanageddevice description: Microsoft Intune Remote lock a device call: microsoft-intune-managed-devices.remotelockmanageddevice outputParameters: - type: object mapping: $. - path: /v1/devicemanagement/manageddevices/{manageddeviceid}/resetpasscode name: devicemanagement-manageddevices-manageddeviceid-resetpasscode description: REST surface for deviceManagement-managedDevices-managedDeviceId-resetPasscode. operations: - method: POST name: resetpasscodemanageddevice description: Microsoft Intune Reset device passcode call: microsoft-intune-managed-devices.resetpasscodemanageddevice outputParameters: - type: object mapping: $. - path: /v1/devicemanagement/manageddevices/{manageddeviceid}/retire name: devicemanagement-manageddevices-manageddeviceid-retire description: REST surface for deviceManagement-managedDevices-managedDeviceId-retire. operations: - method: POST name: retiremanageddevice description: Microsoft Intune Retire a device call: microsoft-intune-managed-devices.retiremanageddevice outputParameters: - type: object mapping: $. - path: /v1/devicemanagement/manageddevices/{manageddeviceid}/syncdevice name: devicemanagement-manageddevices-manageddeviceid-syncdevice description: REST surface for deviceManagement-managedDevices-managedDeviceId-syncDevice. operations: - method: POST name: syncmanageddevice description: Microsoft Intune Sync a device call: microsoft-intune-managed-devices.syncmanageddevice outputParameters: - type: object mapping: $. - path: /v1/devicemanagement/manageddevices/{manageddeviceid}/wipe name: devicemanagement-manageddevices-manageddeviceid-wipe description: REST surface for deviceManagement-managedDevices-managedDeviceId-wipe. operations: - method: POST name: wipemanageddevice description: Microsoft Intune Wipe a device call: microsoft-intune-managed-devices.wipemanageddevice with: body: rest.body outputParameters: - type: object mapping: $. - type: mcp namespace: microsoft-intune-managed-devices-mcp port: 9090 transport: http description: MCP adapter for Microsoft Intune Graph API — Managed Devices. One tool per consumed operation, routed inline through this capability's consumes block. tools: - name: microsoft-intune-list-managed-devices description: Microsoft Intune List managed devices hints: readOnly: true destructive: false idempotent: true call: microsoft-intune-managed-devices.listmanageddevices outputParameters: - type: object mapping: $. - name: microsoft-intune-create-managed-device description: Microsoft Intune Create managed device hints: readOnly: false destructive: false idempotent: false call: microsoft-intune-managed-devices.createmanageddevice with: body: tools.body outputParameters: - type: object mapping: $. - name: microsoft-intune-get-managed-device description: Microsoft Intune Get managed device hints: readOnly: true destructive: false idempotent: true call: microsoft-intune-managed-devices.getmanageddevice outputParameters: - type: object mapping: $. - name: microsoft-intune-update-managed-device description: Microsoft Intune Update managed device hints: readOnly: false destructive: false idempotent: true call: microsoft-intune-managed-devices.updatemanageddevice with: body: tools.body outputParameters: - type: object mapping: $. - name: microsoft-intune-delete-managed-device description: Microsoft Intune Delete managed device hints: readOnly: false destructive: true idempotent: true call: microsoft-intune-managed-devices.deletemanageddevice outputParameters: - type: object mapping: $. - name: microsoft-intune-reboot-device description: Microsoft Intune Reboot a device hints: readOnly: false destructive: false idempotent: false call: microsoft-intune-managed-devices.rebootmanageddevice outputParameters: - type: object mapping: $. - name: microsoft-intune-remote-lock-device description: Microsoft Intune Remote lock a device hints: readOnly: false destructive: false idempotent: false call: microsoft-intune-managed-devices.remotelockmanageddevice outputParameters: - type: object mapping: $. - name: microsoft-intune-reset-device-passcode description: Microsoft Intune Reset device passcode hints: readOnly: false destructive: false idempotent: false call: microsoft-intune-managed-devices.resetpasscodemanageddevice outputParameters: - type: object mapping: $. - name: microsoft-intune-retire-device description: Microsoft Intune Retire a device hints: readOnly: false destructive: false idempotent: false call: microsoft-intune-managed-devices.retiremanageddevice outputParameters: - type: object mapping: $. - name: microsoft-intune-sync-device description: Microsoft Intune Sync a device hints: readOnly: false destructive: false idempotent: false call: microsoft-intune-managed-devices.syncmanageddevice outputParameters: - type: object mapping: $. - name: microsoft-intune-wipe-device description: Microsoft Intune Wipe a device hints: readOnly: false destructive: false idempotent: false call: microsoft-intune-managed-devices.wipemanageddevice with: body: tools.body outputParameters: - type: object mapping: $.