Automatic assignment groups are useful when app deployment should stay consistent without manually creating a new Microsoft Entra group every time an Intune app is added. The pattern works best when group names, app names, and assignment intent follow the same convention.
In production tenants I recommend validating the group creation flow with one pilot application first. Check the created group, verify the Intune assignment, and document the naming rule before you let automation create groups for a larger application catalogue.
When creating a new app in the Intune admin center and not assigning it to AllUsers/AllDevices, this is always some work to create your own group for available/required and uninstall assignments for each app. You know I love automation. To save time and automate this work I will describe in this blog how you can create a runbook that takes this work completely over.
