Microsoft Intune + Microsoft Teams
Connect Microsoft Intune and Microsoft Teams to Automate IT Security and Collaboration Workflows
Keep your devices compliant and your teams informed by integrating Intune device management directly with Microsoft Teams notifications and workflows.
Why integrate Microsoft Intune and Microsoft Teams?
Microsoft Intune and Microsoft Teams are two core parts of any Microsoft 365 environment — one handles device health and security policy, the other handles day-to-day communication. When they run separately, IT teams end up manually chasing compliance violations, onboarding delays, and security incidents with no reliable feedback loop. Connecting Intune with Teams through tray.ai brings device management events to the people who need to act on them, turning raw compliance data into real-time alerts that are actually useful.
Automate & integrate Microsoft Intune & Microsoft Teams
Use case
Real-Time Device Compliance Alerts in Teams
When Intune detects a device falling out of compliance — an outdated OS, missing encryption, a policy violation — tray.ai automatically sends a structured alert to a designated Teams channel. IT staff can see the device owner, policy failure reason, and severity level without ever leaving Teams. Manual dashboard monitoring goes away, and response times drop fast.
Use case
Automated Employee Device Onboarding Notifications
When a new device is enrolled in Intune during employee onboarding, tray.ai sends a personalized Teams message to the new hire with setup instructions, links to required apps, and IT support contacts. The assigned IT team member gets a Teams notification at the same time to confirm enrollment or step in if something goes wrong. It's a consistent experience that doesn't require anyone to babysit the process.
Use case
Security Incident Escalation Workflow
When Intune flags a high-severity security event — a jailbroken device, malware detection, or disabled security baselines — tray.ai routes a prioritized alert to a dedicated security incident channel in Teams and optionally creates a task or ticket. The alert includes remediation steps, device owner information, and a clear escalation path so the right people can move quickly.
Use case
Device Retirement and Offboarding Coordination
When an employee leaves and their device is wiped or retired in Intune, tray.ai posts a confirmation to the IT offboarding channel in Teams and notifies relevant stakeholders like HR or asset management. Everyone stays aligned without anyone having to send manual status updates, and you get an auditable communication trail for compliance.
Use case
Policy Update Announcements to IT Teams
When a new configuration profile or compliance policy is pushed in Intune, tray.ai automatically posts a summary to the relevant IT Teams channel — which policy changed, which device groups are affected, who approved it. Distributed IT teams stay on the same page during rollouts, and the usual miscommunication that comes with large policy changes drops considerably.
Use case
Conditional Access Failure Notifications for End Users
When an end user gets blocked from a Microsoft 365 resource because of a conditional access policy enforced by Intune, tray.ai sends them a proactive Teams message explaining what happened and what they need to do to fix it. Users get self-service guidance before they ever think to open a helpdesk ticket.
Use case
Weekly Device Compliance Summary Reports
On a schedule, tray.ai queries Intune for device compliance statistics across the organization and posts a formatted summary report to a Teams channel used by IT managers or security leadership. Compliant vs. non-compliant counts, top policy violations, trend data — all without manual exports.
Get started with Microsoft Intune & Microsoft Teams integration today
Microsoft Intune & Microsoft Teams Challenges
What challenges are there when working with Microsoft Intune & Microsoft Teams and how will using Tray.ai help?
Challenge
Mapping Intune Device Identities to Teams Users
Intune manages devices using device IDs, Entra (Azure AD) object IDs, and UPNs, while Teams routes messages to users by their Teams user ID or UPN. Reliably connecting a device event to the correct Teams user — especially in organizations with guest accounts, shared devices, or name variations — requires careful identity resolution logic that's hard to maintain manually.
How Tray.ai Can Help:
tray.ai provides a flexible data mapping layer that resolves Intune device owner UPNs to Microsoft Teams user identities using intermediate API calls, conditional logic branches, and lookup tables. The right person gets the right notification without anyone maintaining hardcoded identity mappings.
Challenge
Handling High-Volume Compliance Events Without Alert Fatigue
In large enterprises with thousands of managed devices, Intune can generate a flood of compliance state changes in a short window — especially after a policy update or OS rollout. Sending every single event as a Teams notification without any filtering or aggregation buries IT channels and trains people to ignore them.
How Tray.ai Can Help:
tray.ai lets teams build filtering, deduplication, and aggregation logic directly into their workflows. Events can be batched into digest messages, filtered by severity or device group, or throttled to prevent channel flooding — so IT teams get signal without the noise.
Challenge
Maintaining Workflow Reliability Across Microsoft API Rate Limits
Both the Intune and Teams APIs enforce rate limits that, when hit during peak automation activity, cause failed API calls and dropped notifications. Integrations built without proper retry and error-handling logic miss alerts at exactly the wrong moments.
How Tray.ai Can Help:
tray.ai includes built-in retry logic, exponential backoff, and error branching so API rate limit responses are handled without anyone having to intervene. Failed calls are automatically retried, and fallback logic can queue or re-route notifications so no compliance event gets silently dropped.
Challenge
Keeping Workflows Current as Intune Policies and Teams Structures Evolve
Organizations frequently update Intune compliance policies, add new device groups, or restructure Teams channels and memberships. Custom integration scripts built outside a managed platform go stale quickly — routing alerts to archived channels, missing new policy categories, and requiring constant developer attention to fix.
How Tray.ai Can Help:
tray.ai's visual workflow builder makes it straightforward for IT operations teams to update routing logic, add new Teams channels, or adjust Intune trigger conditions without touching code. Workflows can be versioned, tested, and updated independently of the underlying Microsoft environment.
Challenge
Ensuring Secure Credential and Token Management for Both Services
Integrating Intune and Teams requires authenticated access to the Microsoft Graph API using OAuth tokens scoped appropriately for device management and messaging. Managing token refresh cycles, permission scopes, and credential rotation outside a dedicated integration platform is a real operational burden.
How Tray.ai Can Help:
tray.ai handles OAuth 2.0 authentication, token refresh, and secure credential storage natively for both Intune and Teams. IT teams authorize their connections once through tray.ai's secure connector framework, and all subsequent token lifecycle management runs automatically — no credentials sitting in scripts or environment variables.
Start using our pre-built Microsoft Intune & Microsoft Teams templates today
Start from scratch or use one of our pre-built Microsoft Intune & Microsoft Teams templates to quickly solve your most common use cases.
Microsoft Intune & Microsoft Teams Templates
Find pre-built Microsoft Intune & Microsoft Teams solutions for common use cases
Template
Intune Non-Compliance Alert to Teams Channel
This template monitors Intune for device compliance state changes and automatically posts a detailed alert card to a specified Microsoft Teams channel whenever a device becomes non-compliant, including device name, user, policy violated, and timestamp.
Steps:
- Trigger fires when Intune reports a device compliance state change to non-compliant
- tray.ai enriches the event with device owner, device ID, and policy violation details from Intune
- A formatted adaptive card alert is posted to the designated IT Teams channel with all relevant context
Connectors Used: Microsoft Intune, Microsoft Teams
Template
New Device Enrollment Welcome Message to Employee via Teams
When a new device is successfully enrolled in Intune, this template sends a personalized welcome and setup guide via Teams direct message to the device owner, while notifying the assigned IT technician in a separate channel to confirm the enrollment.
Steps:
- Trigger fires when a new device enrollment is completed successfully in Intune
- tray.ai looks up the employee's Teams user profile using the Intune device owner details
- A personalized setup guide is sent via Teams DM to the employee, and a confirmation is posted to the IT onboarding channel
Connectors Used: Microsoft Intune, Microsoft Teams
Template
High-Severity Intune Security Event to Teams Security Channel
This template detects high-severity security events in Intune — such as jailbreak detection or non-compliant encryption — and immediately routes a prioritized alert to a dedicated Teams security operations channel with recommended remediation steps.
Steps:
- Trigger fires when Intune logs a high-severity device security event or threat detection
- tray.ai filters for critical severity events and extracts device, user, and threat classification data
- A priority-flagged alert card with remediation guidance is posted to the Teams security operations channel
Connectors Used: Microsoft Intune, Microsoft Teams
Template
Device Offboarding Notification to IT and HR Teams Channels
When a device is wiped or retired in Intune as part of an employee departure, this template automatically notifies the IT offboarding channel and an HR coordination channel in Teams, providing a confirmation summary with device details and offboarding status.
Steps:
- Trigger fires when a device wipe or retirement action is completed in Intune
- tray.ai extracts the device owner, device ID, and wipe completion timestamp from Intune
- Confirmation messages are posted to both the IT Teams offboarding channel and the HR coordination channel
Connectors Used: Microsoft Intune, Microsoft Teams
Template
Scheduled Weekly Compliance Report Posted to Teams
This template runs on a weekly schedule, queries Intune for organization-wide device compliance statistics, and posts a formatted summary report to a Teams channel used by IT managers or security leadership.
Steps:
- Scheduled trigger fires once per week at a configured time
- tray.ai queries Intune APIs to retrieve compliance statistics, top violations, and device counts by state
- A structured compliance summary report is posted to the designated IT leadership Teams channel
Connectors Used: Microsoft Intune, Microsoft Teams
Template
Conditional Access Block — Self-Service Remediation Message via Teams
This template detects when a user is blocked by a conditional access policy tied to Intune device compliance and automatically sends them a Teams direct message with the reason for the block and step-by-step instructions to restore access.
Steps:
- Trigger fires when Intune or Azure AD logs a conditional access block event for a specific user
- tray.ai identifies the blocking policy, compliance gap, and user identity from the event data
- A personalized Teams DM is sent to the affected user with the denial reason and self-service remediation steps
Connectors Used: Microsoft Intune, Microsoft Teams