Edge iOS authentication loop on Intune-managed device with Microsoft Enterprise SSO plug-in enabled
Hello Team,
I’m experiencing a pretty weird issue with Edge on an iPhone 12 (16.5) enrolled in Intune with user affinity. I have an Azure AD user logged into the browser with sync enabled. The user is logged in to all Microsoft apps using the Microsoft Enterprise SSO plug-in for Apple devices. Here’s a .gif of the issue:
Whenever I attempt to log in to any website that uses Azure AD as its IdP, the browser gets stuck at the login.microsoftonline.com endpoint and eventually enters what appears to be a loop with the Microsoft Authenticator app. This behavior is exclusive to Edge. All other Microsoft apps authenticate the user successfully using the SSO plug-in.
Here are the Intune management settings enabled on the device:
- Device configuration policy settings
- Single sign-on app extension is enabled
- SSO app extension type: Azure AD
- Additional configuration for single sign-on app extension
- Single sign-on app extension is enabled
- App configuration policy settings for Edge
-
- App protection policy for all Microsoft apps
-
In addition to those settings, I do also have Safari hidden via a device restrictions policy. The goal is for all users to use Edge only.
Any idea what might be driving this issue?