[Feature Request] As a wrapped application, I want to use the broker app for authentication, so that conditional access is accepting the device as registered.
Closed this issue · 1 comments
Information
We need to authenticate against a active directory with conditional access configured. So only compliant devices devices (e.g. registered in Intune), are getting the access token. From our understanding we need to use the authentication broker app (e.g. Intune Company Portal app) during authentication to provide azure ad the device state (e.g. device id). The lack of public informations to this topic, we kindly ask to answer this issue.
Feature Request
As a wrapped application, I want to use the broker app for authentication, so that conditional access is accepting the device as registered.
Reason for Request
We are getting the error code 53003 during third party oath 2 library authentication. The device identifier and state is "Not available" and "Unregistered". The system administrator confirmed, that our app was not recognized by azure ad conditional access. To pass the this additional device informations, we need to use the broker app.
Preferred Solution
Please answer the following questions:
- Is our analysis correct (use broker app for auth)?
- Can the wrapped application take use of the broker app for authentication (using msal library)?
- Is there a functionality for authentication with broker app available in the wrapper?
Questions to Ask Before Submission
- Has the feature you are requesting already been submitted? No
- Are you using the latest App Wrapper version? Yes
The App Wrapper is designed for applications that have minimal user authentication experiences and does not support requiring app protection policy (Conditional Access).
Based on your request, it looks like your app would be better served by integrating the Intune App SDK for Android.
For full details, please read through Prepare line-of-business apps for app protection policies.