IntuneGet Logo
IntuneGet
Documentation

Getting Started

This guide will walk you through deploying your own IntuneGet instance from scratch. Follow each step in order for the smoothest experience.

Prerequisites Checklist

Before starting, make sure you have accounts for these services:

Microsoft Azure AccessTo create Entra ID app registrations
DockerFor running the web application
Windows MachineFor running the local packager

Complete Secrets Reference

You will need to configure these environment variables. Reference this table as you work through the setup:

VariableWhere to Get ItWhere to Use ItExample
DATABASE_MODESet to "sqlite".env.local, Dockersqlite
DATABASE_PATHPath to SQLite file.env.local, Docker/data/intuneget.db
PACKAGER_MODESet to "local".env.local, Dockerlocal
PACKAGER_API_KEYGenerate random string.env.local, Docker, Packagerrandom-32-char...
NEXT_PUBLIC_AZURE_AD_CLIENT_IDAzure Portal > App Registration > Overview.env.local, Docker, Packager12345678-1234-...
AZURE_CLIENT_SECRETAzure Portal > App Registration > Certificates & secrets.env.local, Docker, PackagerAbc123~...
NEXT_PUBLIC_URLYour deployment URL.env.local, Dockerhttp://localhost:3000

Generate a Secure API Key

Run this command in your terminal to generate a secure random API key:

bash
openssl rand -hex 32

Setup Steps

1

Set Up Entra ID App Registration

Create a multi-tenant app registration in Microsoft Entra ID to enable authentication and Intune access.

  1. Go to Azure Portal > Microsoft Entra ID > App registrations
  2. Click "New registration"
  3. Select "Accounts in any organizational directory (Multitenant)"
  4. Add a SPA redirect URI for your app
  5. Configure API permissions and create a client secret
Detailed Entra ID setup guide
2

Deploy with Docker

Deploy your IntuneGet instance using Docker with the embedded SQLite database.

bash|Terminal
# Clone the repository
git clone https://github.com/ugurkocde/IntuneGet.git
cd IntuneGet

# Copy and configure environment
cp .env.example .env.local

# Edit .env.local with these values:
# DATABASE_MODE=sqlite
# DATABASE_PATH=/data/intuneget.db
# PACKAGER_MODE=local
# PACKAGER_API_KEY=<your-generated-api-key>
# NEXT_PUBLIC_AZURE_AD_CLIENT_ID=<from-azure>
# AZURE_CLIENT_SECRET=<from-azure>
# NEXT_PUBLIC_URL=http://localhost:3000

# Start with Docker Compose
docker-compose up -d
Detailed Docker deployment guide
3

Set Up the Local Packager

Install the packager service on a Windows machine to handle app packaging.

  1. On your Windows machine, install Node.js 18+
  2. Install the packager globally: npm install -g @ugurkocde/intuneget-packager
  3. Set environment variables:
bash|Environment Variables (Windows)
set INTUNEGET_API_URL=http://your-docker-host:3000
set PACKAGER_API_KEY=<same-key-as-web-app>
set AZURE_CLIENT_ID=<from-azure>
set AZURE_CLIENT_SECRET=<from-azure>

Start the packager: intuneget-packager

4

Verify Your Deployment

Test that everything is working correctly:

Visit your deployment URL - homepage should load
Check the health endpoint: /api/health
Try signing in with a Microsoft work account
Test the app search functionality
Try deploying a test app (e.g., Notepad++)
Something not working? Check troubleshooting

Final Configuration

After deployment, update your Entra ID app registration with your production URL:

  1. Go to Azure Portal > Your App Registration > Authentication
  2. Add your production URL as a SPA redirect URI (e.g., https://your-app.vercel.app)
  3. Click Save

Important

Make sure NEXT_PUBLIC_URL in your environment matches your actual deployment URL exactly, including https:// and no trailing slash.

Local Packager Details

The local packager is a Windows service that polls the web app for packaging jobs, creates .intunewin packages using Microsoft's IntuneWinAppUtil, and uploads them directly to Intune.

Benefits of Local Packager

  • - Zero external dependencies (no GitHub Actions needed)
  • - Works in air-gapped or restricted network environments
  • - Full data sovereignty - nothing leaves your network
  • - Simple API key authentication

Requirements

  • Windows 10/11 or Windows Server 2016+
  • Node.js 18 or higher
  • Network access to the web app and Microsoft Graph API

Running as a Service

For production use, consider running the packager as a Windows service:

bash|PowerShell (as Administrator)
# Install NSSM (Non-Sucking Service Manager)
choco install nssm

# Create a service
nssm install IntuneGetPackager "C:\Program Files\nodejs\node.exe"
nssm set IntuneGetPackager AppParameters "C:\Users\<user>\AppData\Roaming\npm\node_modules\@ugurkocde\intuneget-packager\dist\index.js"
nssm set IntuneGetPackager AppDirectory "C:\"
nssm set IntuneGetPackager AppEnvironmentExtra "INTUNEGET_API_URL=http://your-server:3000" "PACKAGER_API_KEY=xxx" "AZURE_CLIENT_ID=xxx" "AZURE_CLIENT_SECRET=xxx"

# Start the service
nssm start IntuneGetPackager
View package on npm

Congratulations!

Your IntuneGet instance is now running. Here are some next steps:

  • -Share the admin consent link with your Global Administrator
  • -Deploy your first test application to verify the pipeline works
  • -Configure assignment intents (Required, Available, Uninstall, or Update Only) when adding apps to your cart
  • -Set up a git remote to pull updates from the upstream repository
  • -Consider setting up analytics (Plausible) for usage insights