Getting Started

This guide will walk you through deploying your own IntuneGet instance from scratch. Follow each step in order for the smoothest experience.

Prerequisites Checklist

Before starting, make sure you have accounts for these services:

Microsoft Azure AccessTo create Entra ID app registrations

DockerFor running the web application

Windows MachineFor running the local packager

Complete Secrets Reference

You will need to configure these environment variables. Reference this table as you work through the setup:

Variable	Where to Get It	Where to Use It	Example
`DATABASE_MODE`	Set to "sqlite"	.env.local, Docker	`sqlite`
`DATABASE_PATH`	Path to SQLite file	.env.local, Docker	`/data/intuneget.db`
`PACKAGER_MODE`	Set to "local"	.env.local, Docker	`local`
`PACKAGER_API_KEY`	Generate random string	.env.local, Docker, Packager	`random-32-char...`
`NEXT_PUBLIC_AZURE_AD_CLIENT_ID`	Azure Portal > App Registration > Overview	.env.local, Docker, Packager	`12345678-1234-...`
`AZURE_AD_CLIENT_SECRET`	Azure Portal > App Registration > Certificates & secrets	.env.local, Docker, Packager	`Abc123~...`
`NEXT_PUBLIC_URL`	Your deployment URL	.env.local, Docker	`http://localhost:3000`

Generate a Secure API Key

Run this command in your terminal to generate a secure random API key:

bash

openssl rand -hex 32

Setup Steps

Set Up Azure AD App Registration

Create a multi-tenant app registration in Microsoft Entra ID to enable authentication and Intune access.

Go to Azure Portal > Microsoft Entra ID > App registrations
Click "New registration"
Select "Accounts in any organizational directory (Multitenant)"
Add a SPA redirect URI for your app
Configure API permissions and create a client secret

Detailed Azure AD setup guide

Deploy with Docker

Deploy your IntuneGet instance using Docker with the embedded SQLite database.

bash|Terminal

# Clone the repository
git clone https://github.com/ugurkocde/IntuneGet.git
cd IntuneGet

# Copy and configure environment
cp .env.example .env.local

# Edit .env.local with these values:
# DATABASE_MODE=sqlite
# DATABASE_PATH=/data/intuneget.db
# PACKAGER_MODE=local
# PACKAGER_API_KEY=<your-generated-api-key>
# NEXT_PUBLIC_AZURE_AD_CLIENT_ID=<from-azure>
# AZURE_AD_CLIENT_SECRET=<from-azure>
# NEXT_PUBLIC_URL=http://localhost:3000

# Start with Docker Compose
docker-compose up -d

Detailed Docker deployment guide

Set Up the Local Packager

Install the packager service on a Windows machine to handle app packaging.

On your Windows machine, install Node.js 18+
Install the packager globally: npm install -g @ugurkocde/intuneget-packager
Set environment variables:

bash|Environment Variables (Windows)

set INTUNEGET_API_URL=http://your-docker-host:3000
set PACKAGER_API_KEY=<same-key-as-web-app>
set AZURE_CLIENT_ID=<from-azure>
set AZURE_CLIENT_SECRET=<from-azure>

Start the packager: intuneget-packager

Verify Your Deployment

Test that everything is working correctly:

Visit your deployment URL - homepage should load

Check the health endpoint: /api/health

Try signing in with a Microsoft work account

Test the app search functionality

Try deploying a test app (e.g., Notepad++)

Something not working? Check troubleshooting

Final Configuration

After deployment, update your Azure AD app registration with your production URL:

Go to Azure Portal > Your App Registration > Authentication
Add your production URL as a SPA redirect URI (e.g., https://your-app.vercel.app)
Click Save

Important

Make sure NEXT_PUBLIC_URL in your environment matches your actual deployment URL exactly, including https:// and no trailing slash.

Local Packager Details

The local packager is a Windows service that polls the web app for packaging jobs, creates .intunewin packages using Microsoft's IntuneWinAppUtil, and uploads them directly to Intune.

Benefits of Local Packager

- Zero external dependencies (no GitHub Actions needed)
- Works in air-gapped or restricted network environments
- Full data sovereignty - nothing leaves your network
- Simple API key authentication

Requirements

Windows 10/11 or Windows Server 2016+
Node.js 18 or higher
Network access to the web app and Microsoft Graph API

Running as a Service

For production use, consider running the packager as a Windows service:

bash|PowerShell (as Administrator)

# Install NSSM (Non-Sucking Service Manager)
choco install nssm

# Create a service
nssm install IntuneGetPackager "C:\Program Files\nodejs\node.exe"
nssm set IntuneGetPackager AppParameters "C:\Users\<user>\AppData\Roaming\npm\node_modules\@ugurkocde\intuneget-packager\dist\index.js"
nssm set IntuneGetPackager AppDirectory "C:\"
nssm set IntuneGetPackager AppEnvironmentExtra "INTUNEGET_API_URL=http://your-server:3000" "PACKAGER_API_KEY=xxx" "AZURE_CLIENT_ID=xxx" "AZURE_CLIENT_SECRET=xxx"

# Start the service
nssm start IntuneGetPackager

View package on npm

Congratulations!

Your IntuneGet instance is now running. Here are some next steps:

-Share the admin consent link with your Global Administrator
-Deploy your first test application to verify the pipeline works
-Set up a git remote to pull updates from the upstream repository
-Consider setting up analytics (Plausible) for usage insights