Troubleshooting issues on Microsoft Defender for Endpoint on Android

Applies to:

Want to experience Microsoft Defender for Endpoint? Sign up for a free trial.

When onboarding a device, you might see sign in issues after the app is installed.

During onboarding, you might encounter sign in issues after the app is installed on your device.

This article provides solutions to help address the sign-on issues.

Sign in failed - unexpected error

Sign in failed: Unexpected error, try later

An sign-in failed error Unexpected error in the sign-in page of the Microsoft Defender 365 portal.


Unexpected error, try later


You have an older version of "Microsoft Authenticator" app installed on your device.


Install latest version and of Microsoft Authenticator from Google Play Store and try again.

Sign in failed - invalid license

Sign in failed: Invalid license, contact administrator

The directive contact details in the sign-in page of the Microsoft Defender 365 portal

Message: Invalid license, contact administrator


You don't have Microsoft 365 license assigned, or your organization doesn't have a license for Microsoft 365 Enterprise subscription.


Contact your administrator for help.

Report unsafe site

Phishing websites impersonate trustworthy websites for obtaining your personal or financial information. Visit the Provide feedback about network protection page if you want to report a website that could be a phishing site.

Phishing pages aren't blocked on some OEM devices

Applies to: Specific OEMs only

  • Xiaomi

Phishing and harmful web threats detected by Defender for Endpoint for Android aren't blocked on some Xiaomi devices. The following functionality doesn't work on these devices.

A site-unsafe notification message


Xiaomi devices include a new permission model. This permission model prevents Defender for Endpoint for Android from displaying pop-up windows while it runs in the background.

Xiaomi devices permission: "Display pop-up windows while running in the background."

The pop-up setting pane in the Microsoft Defender 365 portal


Enable the required permission on Xiaomi devices.

  • Display pop-up windows while running in the background.

Unable to allow permission for 'Permanent protection' during onboarding on some OEM devices

Applies to: Specific OEM devices only.

  • Xiaomi

Defender App asks for Battery Optimization/Permanent Protection permission on devices as part of app onboarding, and selecting Allow returns an error that the permission couldn't be set. It only affects the last permission called "Permanent Protection."


Xiaomi changed the battery optimization permissions in Android 11. Defender for Endpoint isn't allowed to configure this setting to ignore battery optimizations.


  1. Install MDE app in personal profile. (Sign-in isn't required.)
  2. Open the Company Portal and tap on Settings.
  3. Go to the Battery Optimization section, tap on the Turn Off button, and then select on Allow to turn off Battery Optimization for the Company Portal.
  4. Again, go to the Battery Optimization section and tap on the Turn On button. The battery saver section opens.
  5. Find the Defender app and tap on it.
  6. Select No Restriction. Go back to the Defender app in work profile and tap on Allow button.
  7. The application shouldn't be uninstalled from personal profile for this to work.


This is a temporary workaround. This can be used to unblock onboarding on Xiaomi devices. The Defender team is working on a permanent fix. As the MDE app is not onboarded in the personal profile, it will not have any visibility there.

Unable to use banking applications with MDE app

Applies to: Banking apps like iMobile Pay (ICICI), PNB ONE.

Cause: Android allows apps in the personal profile to check if there's a VPN active on the device, even outside of the personal profile. The banking app checks that and blocks it in VPN work profiles only. The banking app doesn't work with any other VPN product.

Solution: Users need to disable MDE VPN from the Settings page. The following steps can be used:

  1. Go to Settings on the mobile device.
  2. Search for VPN or open 'Network and Internet' and select on VPN.
  3. Select on Microsoft Defender and select Disconnect.

Users should enable VPN when they're no longer using the banking app to ensure that their devices are protected.


This a temporary workaround. We are working on other alternatives to provide users more control over the VPN settings from wihtin the app.

Send in-app feedback

If a user faces an issue, which isn't already addressed in the above sections or is unable to resolve using the listed steps, the user can provide in-app feedback along with diagnostic data. Our team can then investigate the logs to provide the right solution. Users can follow these steps to do the same:

  1. Open the MDE application on your device and select on the profile icon in the top-left corner.

    The profile icon in the Microsoft Defender for Endpoint portal

  2. Select "Help & feedback".

    The Help & feedback option that can be selected in the Microsoft Defender for Endpoint portal

  3. Select "Send feedback to Microsoft".

    Select send feedback to Microsoft

  4. Choose from the given options. To report an issue, select "I want to report an issue".

    The I want to report an issue option

  5. Provide details of the issue that you're facing and check "Send diagnostic data". We recommend checking "Include your email address" so that the team can reach back to you with a solution or a follow-up.

    The pane on which you can add details and attach diagnostic data

  6. Select on "Submit" to successfully send the feedback.


Do you want to learn more? Engage with the Microsoft Security community in our Tech Community: Microsoft Defender for Endpoint Tech Community.