Share via

How can I prevent sign-in redirection to Edge after applying App Protection Policies?

Artem Shaturskyi 220 Reputation points
2024-10-23T10:39:21.8366667+00:00

Hello!

We created App Protection Policies for iOS devices in Microsoft Intune and are now experiencing issues with sign-in for a few applications. One example is BIPO HRMS - after users enter their work credentials and authenticator code, the following message appears: 'You can't get there from here. You must use Microsoft Edge to access this resource.' When the user presses the 'Launch in Edge' button, the window hangs. Another application with similar behavior is Apple Configurator.
The most frustrating part is that even if the user manages to access Edge and sign in with their work account, Edge keeps prompting for sign-in repeatedly.

Our question is: **Is it possible to disable the sign-in redirection to Edge for specific apps or all apps after applying App Protection Policies?
**
Best regards
Artem

Microsoft Security | Intune | Microsoft Intune iOS
Microsoft Security | Intune | Other
Answer accepted by question author
  1. Crystal-MSFT 54,201 Reputation points Microsoft External Staff
    2024-10-24T01:48:49.9133333+00:00

    @Artem Shaturskyi, Thanks for posting in Q&A. Based as I know, App Protection Policies are designed to ensure that corporate applications are accessed securely, often requiring the use of Microsoft Edge to maintain compliance and protect data. So disable sign-in redirection to Microsoft Edge after applying App Protection Policies is not directly supported.

    From your description, I know you have conditional access policy been configured to require app protection policy and "Require approved client app". Please confirm what we configure under Target resources > Cloud apps? if we change to only include the cloud app we want. will the result be different?

    Meanwhile, I notice you have selected "Require approved client app", please check which application the client use to access the cloud resource. Is it under the supported app list in the following link"

    https://learn.microsoft.com/en-us/entra/identity/conditional-access/concept-conditional-access-grant#require-approved-client-app

    For sign in frequently issue, I want to confirm if we set Sign-in frequency in conditional access policy.

    https://learn.microsoft.com/en-us/entra/identity/conditional-access/concept-conditional-access-session#sign-in-frequency

    In addition, please check sign in log to see if there' s any error we will get when the user accesses the cloud resource.

    https://learn.microsoft.com/en-us/entra/identity/conditional-access/troubleshoot-conditional-access#microsoft-entra-sign-in-events

    Please check the above information and if there's any update, feel free to let us know.

    If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".

    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

0 additional answers

Sort by: Most helpful
Most helpful Newest Oldest

Your answer

Answers can be marked as 'Accepted' by the question author and 'Recommended' by moderators, which helps users know the answer solved the author's problem.