Question about expected behavior with Conditional Access on iOS and third‑party apps

Question

Question about expected behavior with Conditional Access on iOS and third‑party apps

msamuel 0

We are trying to understand expected behavior when using Conditional Access on iOS devices.

Environment

Microsoft Entra ID

Microsoft Intune (App Protection Policies – MAM‑WE)

Conditional Access: Require compliant device

iOS devices

Microsoft 365 apps (OneDrive, SharePoint)

Question

On iOS devices protected with Conditional Access and App Protection Policies, we are observing that third‑party applications may be unable to access files stored in SharePoint document libraries, even though the user is already authenticated.

Authentication appears to succeed, and there are no Conditional Access failures shown in Entra sign‑in logs. However, file access from non‑Microsoft apps does not complete successfully.

What we are trying to understand

Is this expected behavior when Conditional Access and device compliance are enforced on iOS?

Are there documented limitations for third‑party mobile applications accessing SharePoint content under these conditions?

Is the recommended approach to access SharePoint files from iOS via Microsoft apps or a browser instead of third‑party apps?

We want to make sure we are designing our mobile workflows in line with supported Microsoft guidance and would appreciate clarification on the intended behavior.

msamuel 0 Reputation points

2026-02-20T20:24:40.86+00:00

Repro steps:

User opens OneDrive iOS app

Navigates to Libraries

Selects a SharePoint document library

Selects a PDF

Chooses “Open with Adobe Acrobat”

Acrobat launches successfully

PDF shows “Preparing file”, spinner appears

Spinner closes, file does not load, no error shown

Observed behavior

Authentication appears successful

No Conditional Access failures or blocks in Entra sign‑in logs

Acrobat cannot load the SharePoint file

Issue is consistent and reproducible

What works

PDFs stored in personal OneDrive open correctly in Acrobat

PDFs opened from Outlook attachments open correctly

PDFs opened from SharePoint via Safari (browser) work

Issue does not occur on Windows or macOS
What is not working:
SharePoint iOS app, Open in Acrobat.

OneDrive, Libraries, SharePoint, Open in Acrobat.
Acrobat, Browser more files, OneDrive, libraries, Folder, PDF

1 answer

Your answer

msamuel 0 Reputation points

2026-02-20T20:24:40.86+00:00

Repro steps:

User opens OneDrive iOS app

Navigates to Libraries

Selects a SharePoint document library

Selects a PDF

Chooses “Open with Adobe Acrobat”

Acrobat launches successfully

PDF shows “Preparing file”, spinner appears

Spinner closes, file does not load, no error shown

Observed behavior

Authentication appears successful

No Conditional Access failures or blocks in Entra sign‑in logs

Acrobat cannot load the SharePoint file

Issue is consistent and reproducible

What works

PDFs stored in personal OneDrive open correctly in Acrobat

PDFs opened from Outlook attachments open correctly

PDFs opened from SharePoint via Safari (browser) work

Issue does not occur on Windows or macOS
What is not working:
SharePoint iOS app, Open in Acrobat.

OneDrive, Libraries, SharePoint, Open in Acrobat.
Acrobat, Browser more files, OneDrive, libraries, Folder, PDF

Answer 1

Anonymous

Yes, this is the expected behavior.

When you enforce Conditional Access (CA) with a "Require compliant device" grant control on iOS, you are effectively creating a boundary that most third-party applications cannot cross. Even if the user is authenticated, the specific technical mechanism used to prove device compliance is rarely supported by non-Microsoft apps.

Microsoft explicitly states that for a device to be marked as compliant in a CA policy, the app must support broker-assisted authentication.

0 comments

Share via

Question about expected behavior with Conditional Access on iOS and third‑party apps

1 answer

Your answer