The Copilot app from the App Store on MacOS fails against a Conditional Access policy - root cause: OS recognized as iOS

Bernhard Stosik 5 Reputation points
2024-02-07T22:12:32.6633333+00:00

Opening Copilot (version 3.0.0 installed from the App Store) on a Mac (OS 14.3) fails against a Conditional Access policy. Root cause is that the app is recognized in the Conditional Access policy as "Microsoft Bing Search" on "iOS" running on a device that is not known by Entra ID. In reality the device is registered in Entra ID, for all other apps the underlying OS is reported correctly with the device recognized in Entra ID, and all policy requirements met.
Does anyone experience the same issue? Any ideas how to work around or solve? BTW, I do not see how to exclude "Microsoft Bing Search" from the policy scope as it is not listed as an app.

Microsoft Copilot
Microsoft Copilot
Microsoft terminology for a universal copilot interface.
412 questions
{count} vote

1 answer

Sort by: Most helpful
  1. Bernhard Stosik 5 Reputation points
    2024-03-04T17:00:03.4366667+00:00

    As mentioned in my original question, the Application "Microsoft Bing Search" with the Application ID "cf36b471-5b44-428c-9ce7-313bf84528de" cannot be selected as an exclusion in the Conditional Access Policy.
    However, having a closer look to the corresponding "Sign-in log" of the failing occurrence, I found there a line named "Resource" with the entry "Bing" and another line with the "Resource ID" "9ea1ad79-fdb6-4f9a-8bc3-2b70f96e34c7".
    I added the app "Bing" as an exclusion into the specific conditional access policy and the user was able to use the "Copilot" app immediately.
    As mentioned in my original question, this happened on MacOS, but the Copilot app was recognized incorrectly running on iOS. Therefore I had to adjust the policy targeting iOS.

    0 comments No comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.