Mircrosoft Single Sign on extension for Chrome
Microsoft Single Sign-On extension in the Chrome browser for MacOS is inconsistently pulling the required device status(Join Type,Manage), which is affecting Entra ID Conditional Access.
Here are the specifics:
OS: MacOS
Browser: Chrome (updated)
Extension: Microsoft Single Sign On
Microsoft Security | Microsoft Entra | Microsoft Entra ID
-
Goutam Pratti • 6,170 Reputation points • Microsoft External Staff • Moderator
2025-04-29T14:24:03.1066667+00:00 Hello @Rey ,
I understand you are using Microsoft Single Sign-On extension in the Chrome browser for MacOS and inconsistently pulling the required device status(Join Type,Manage), which is affecting Entra ID Conditional Access.
For users with the Microsoft Single Sign On extension for Google Chrome installed, then their Chrome browser should be able communicate with the Microsoft SSO broker for both an SSO user experience and to work with device-based Conditional Access policies. If users aren't able to pass device-based Conditional Access policies in Google Chrome then there may be an issue with how the Company Portal application was installed, which can prevent Chrome from communicating with the SSO broker. You should take the following steps to remediate this issue:
- Open the Applications folder on the Mac
- Right click the Company Portal application and choose Move to Trash
- Download the latest version of the Company Portal installer from https://go.microsoft.com/fwlink/?linkid=853070
- Freshly install Company Portal using the downloaded CompanyPortal-Installer.pkg
Validate that the issue is resolved by checking for the existence of this file:
~/Library/Application\ Support/Google/Chrome/NativeMessagingHosts/com.microsoft.browsercore.json
For detailed and additional information follow the trouble shooting guide: Troubleshoot Google Chrome SSO issues , Troubleshooting the Microsoft Enterprise SSO Extension plugin on Apple devices
Hope this information helps. Let me know if you have any additional queries. Happy to assist you further.
-
Goutam Pratti • 6,170 Reputation points • Microsoft External Staff • Moderator
2025-04-30T13:02:47.3933333+00:00 Hello @Rey ,
following upto see if the above suggestion is helpful. let me know if you have any additional queries. Happy to assist you further.
-
Rey • 0 Reputation points
2025-04-30T13:10:10.4433333+00:00 Hi Goutam, give me sometime to test the suggested solution.
regards,
-
Rey • 0 Reputation points
2025-05-02T05:18:32.9133333+00:00 Hi Goutam, we are still coordinating with users and do the testing.
-
Harshitha Eligeti • 4,380 Reputation points • Microsoft External Staff • Moderator
2025-05-02T10:49:34.86+00:00 Hello @Rey •
Yeah Sure. Do let us know if you have any other queries, we are happy to assist further. -
Goutam Pratti • 6,170 Reputation points • Microsoft External Staff • Moderator
2025-05-05T19:45:49.8433333+00:00 Hello @Rey ,
following upto see if the above suggestion is helpful. let me know if you have any additional queries. Happy to assist you further.
-
Rey • 0 Reputation points
2025-05-06T00:10:38.88+00:00 Hi Goutam, from the procedure would require resetting the device including data transfer?Are we going completely un install the company portal?
-
Rey • 0 Reputation points
2025-05-06T01:05:02.7766667+00:00 Hi Goutam,
We have followed the step by step procedure but we issue still the same.
File in ~/Library/Application\ Support/Google/Chrome/NativeMessagingHosts/com.microsoft.browsercore.json is not found after re installation.
-
Goutam Pratti • 6,170 Reputation points • Microsoft External Staff • Moderator
2025-05-06T21:25:09.9633333+00:00 Hello @Rey ,
As you are saying that it is not found after re-installation then try to deploy the following script via your MDM or other automation tools to copy the JSON file to the correct location. This script should be run in the user's context for each user who experiences the Chrome SSO issue:
#!/usr/bin/env zsh # Copy over Browser Core json file to the right location # If the folder doesn't exist, create it # For Google Chrome (user-specific, default path) if [ ! -d ~/Library/Application\ Support/Google/Chrome/NativeMessagingHosts ]; then mkdir ~/Library/Application\ Support/Google/Chrome/NativeMessagingHosts fi cp /Applications/Company\ Portal.app/Contents/Resources/com.microsoft.browsercore.json ~/Library/Application\ Support/Google/Chrome/NativeMessagingHosts/ # For Edge (user-specific, default path, not channel specific) # See: https://learn.microsoft.com/microsoft-edge/extensions-chromium/developer-guide/native-messaging?tabs=v3%2Cmacos if [ ! -d ~/Library/Application\ Support/Microsoft\ Edge/NativeMessagingHosts ]; then mkdir ~/Library/Application\ Support/Microsoft\ Edge/NativeMessagingHosts fi cp /Applications/Company\ Portal.app/Contents/Resources/com.microsoft.browsercore.json ~/Library/Application\ Support/Microsoft\ Edge/NativeMessagingHosts/
If you are still facing the issue then try Troubleshooting the Microsoft Enterprise SSO Extension plugin on Apple devices.
Let us know if you need additional assistance required. Happy to assist you further
-
Rey • 0 Reputation points
2025-05-07T00:35:24.33+00:00 Hi Goutam, would you know the timeline on release of update?
-
Goutam Pratti • 6,170 Reputation points • Microsoft External Staff • Moderator
2025-05-07T21:28:29.23+00:00 Hello @Rey ,
Exactly we do not know the release of update but before the update it will be notified.
Also follow the Troubleshooting the Microsoft Enterprise SSO Extension plugin on Apple devices.
Let us know if you have any additional queries. Happy to assist you further.
-
Goutam Pratti • 6,170 Reputation points • Microsoft External Staff • Moderator
2025-05-08T22:58:48.91+00:00 Hello @Rey ,
following up to see if the above response is helpful. Let us know if you have any additional queries. Happy to assist you further.
-
Rey • 0 Reputation points
2025-05-08T23:46:52.01+00:00 Hi Goutam, im sorry, we update once tested.
-
Goutam Pratti • 6,170 Reputation points • Microsoft External Staff • Moderator
2025-05-09T20:54:53.1133333+00:00 Hello @Rey ,
Yeah sure you can update once you tested. Happy to assist you further
-
Rey • 0 Reputation points
2025-05-14T05:53:33.8633333+00:00 Hi Goutam, we have pushed the script but encountered error. See below
mkdir: /var/root/Library/Application Support/Google/Chrome: No such file or directory cp: directory /var/root/Library/Application Support/Google/Chrome/NativeMessagingHosts does not exist mkdir: /var/root/Library/Application Support/Microsoft Edge: No such file or directory cp: directory /var/root/Library/Application Support/Microsoft Edge/NativeMessagingHosts does not exist
Sign in to comment