Hi @stromnessian ,
While Edge is an approved client app, a requirement for this feature is that the device needs to be registered in Azure AD and the user needs to be authenticated to a work account in the Edge browser. If the end user is not selecting the device certificate and thus providing device registration information, then the Conditional Access policy is expected to fail the request
Do you run into the same issue if you access the app directly from Edge, compared to if you redirect from Safari? Since Edge is an approved app and Safari is not, the redirect may be the cause of your issue. If this is the case, you can may be able to resolve this by making sure that Edge is selected as the default browser. Also, if you are accessing Edge in private mode, Conditional Access won't consider it to be an approved client app.
Is it a third party app and do you have the application listed as a trusted application? The client app needs to be in the approved list and there are no third party apps added for approved client apps, but if the app uses Edge it should be considered approved.
If you try these steps and still face this issue, it would help if you could share more details about your conditional access policy and authentication method.
-
If the information helped you, please Accept the answer. This will help us and other community members as well.