Android enterprise corporate owned dedicated shared devices

kevin deleux 36 Reputation points
2022-12-21T07:56:03.23+00:00

Hello all

We have a problem with our dedicated devices (kiosk) in shared mode on Android devices.
We use the kiosk deployment of Android devices for several purposes through Intune/Endpoint Manager (approx. 300 devices now), all working fine.

For a specific use case we need to enroll a number of devices (50 at this moment, but that will grow) with the Azure AD shared device enrollment profile, due to the use of a token.
The enrollment token is based on corporate-owned dedicated devices with Azure AD shared device mode.
The Managed Home Screen app is adjusted to enforce log-on, time-out, PIN code, ...
The MHS options in the device configuration profile are also active.
We use the option to wipe all cached data on these devices.

Our problem is:

  • Some apps are working as expected: after a user logs on, the SSO option works, and when logging off the account is deleted in the app and no data remains in that app.
    o Examples: Office 365 suite Android apps (including Word, Excel, PowerPoint and OneDrive). Teams works perfectly.
    o Examples where the data and user account remain logged on: SharePoint app, Outlook app (Exchange is hybrid in our environment).
    o Outlook: user data is deleted and not directly accessible, but the mail account of the user is still there; if you click on it, it will ask to log on with that account. You can select another account, but it needs to enforce wiping the account on logoff.
  • PowerApps: deletes the user account after logoff, but SSO doesn't work.

So when one user is logged on, he or she can use all apps on the device. When logging off and giving the device to a colleague, the next user can log on but still sees the personal data of the colleague (first logged on) in the Outlook and SharePoint apps.
The Word and Excel apps are no problem, as described above.

We used app configuration profiles as well, but they don't seem to work as expected.
The biggest problem is the remaining data in the app(s). SharePoint is the main problem; that's in fact the most important app we will need.

Desired situation:
An overlay logon screen (working at the moment), SSO on all apps when logging on, and removing all data from apps (account logout; not working on several apps).
Situation like: https://www.youtube.com/watch?v=y8fhA-FakSA
Apps used for this situation, as mentioned: Office suite + PowerApps, SharePoint and a couple of in-house built apps (they already have the wipe data function built in and tested, and working fine).

There is also the camera app and gallery app. If someone knows how, we would like to wipe that data as well when the user is logging off, but I guess we need a gallery app that has SAML built in...

We also built some app configuration profiles, but they don't work as expected either. Do we need a JSON config for this matter to deploy in an app configuration policy/profile inside Intune, or...?

We used these links for information:
https://learn.microsoft.com/en-us/azure/active-directory/develop/msal-shared-devices

https://www.petervanderwoude.nl/post/android-enterprise-corporate-owned-dedicated-devices-and-azure-ad-shared-device-mode/

https://www.inthecloud247.com/getting-started-with-android-enterprise-dedicated-devices-with-aad-shared-mode/

Thank you for providing support on this matter.
Kind regards
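As an added example (not from the post, and not how Microsoft's own apps are built), here is how an in-house MSAL-based Android app can honour Azure AD shared device mode: on every resume it asks MSAL for the device-wide current account and, when that account is gone or has changed, wipes its own files, caches and databases before the next user sees anything. Assumptions: the MSAL Android library is on the classpath, `R.raw.auth_config_single_account` is a hypothetical name for the MSAL config resource, and the class lives in the app's own package so `R` resolves.

```java
import android.content.Context;
import com.microsoft.identity.client.*;
import com.microsoft.identity.client.exception.MsalException;
import java.io.File;
/** Mirrors the device-wide signed-in account and wipes this app's local data when it changes. */
public class SharedDeviceSession {
    private final Context ctx;
    private ISingleAccountPublicClientApplication app;
    public SharedDeviceSession(Context ctx) { this.ctx = ctx.getApplicationContext(); }

    public void init() {
        // R.raw.auth_config_single_account is a hypothetical name for the MSAL config file;
        // shared device mode needs "account_mode": "SINGLE" and the Authenticator broker enabled.
        PublicClientApplication.createSingleAccountPublicClientApplication(ctx,
            R.raw.auth_config_single_account,
            new IPublicClientApplication.ISingleAccountApplicationCreatedListener() {
                @Override public void onCreated(ISingleAccountPublicClientApplication created) {
                    app = created;
                    refreshAccount();
                }
                @Override public void onError(MsalException e) { clearLocalUserData(); }
            });
    }

    /** Call from every Activity's onResume(): another user may have signed in meanwhile. */
    public void refreshAccount() {
        if (app == null || !app.isSharedDevice()) return; // not a shared device: nothing to mirror
        app.getCurrentAccountAsync(new ISingleAccountPublicClientApplication.CurrentAccountCallback() {
            @Override public void onAccountLoaded(IAccount account) {
                if (account == null) clearLocalUserData(); // nobody is signed in on the device
            }
            @Override public void onAccountChanged(IAccount prior, IAccount current) {
                clearLocalUserData(); // previous user signed out globally: drop their data now
            }
            @Override public void onError(MsalException e) { clearLocalUserData(); }
        });
    }

    /** Deletes everything this app stored for the user: private files, caches and databases. */
    private void clearLocalUserData() {
        deleteChildren(ctx.getFilesDir());
        deleteChildren(ctx.getCacheDir());
        for (String db : ctx.databaseList()) ctx.deleteDatabase(db);
    }

    private static void deleteChildren(File dir) {
        File[] children = dir.listFiles();
        if (children == null) return;
        for (File c : children) { if (c.isDirectory()) deleteChildren(c); c.delete(); }
    }
}
```

The same pattern is what the post is asking the Microsoft apps to do: the Managed Home Screen sign-out only removes the account through the broker, so each app has to notice the change itself and clear what it cached.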
