Avoid showing Microsoft authentication screen for Intune SDK integrated iOS application - ios

I have integrated the Microsoft Intune SDK into an iOS application. I am able to perform all operations, mainly sharing files from Outlook to my application.
I installed my application, Outlook, etc. on a fresh device from the Company Portal. When I share any file from Outlook to my application, it shows the Microsoft login screen only once, as below:
It asks for login credentials only once, the first time a file is shared.
I don't want to show the Microsoft login screen; it must automatically authenticate using a broker app like the Company Portal, Outlook, etc.
As per the Intune documentation, I have already added the configuration to the iOS Info.plist, i.e. "AutoEnrollOnLaunch" set to true.
How do I completely avoid showing the MS login screen?

Related

React Native Application - How can I add the Intune MAM SDK for specific clients only?

My app works for different clients (based on the configuration applied after the actual login).
I want to integrate the Intune MAM SDK for a specific client. It must not affect the other clients (meaning the MAM policy should not apply to the other clients).
Scenario:
Let's take two clients, A and B.
A wants to integrate the Intune MAM SDK.
B doesn't want to integrate the SDK.
Expected behaviour:
If B downloads the app from the Google Play Store or the Apple App Store, they can use the app with the normal login flow.
But if A downloads the app from the stores, they should not be able to use the app with the normal login flow. (They need to download the app from the Company Portal so the app is managed; then login needs to work.)
Is there any way to know whether the app was downloaded from the Company Portal and not from the stores (while making sure this does not affect the other client's login flow)?
Can anyone tell me how I can achieve this?

Security defaults are not working for a user created through the Azure AD Graph API

We have an Azure Active Directory tenant with Security Defaults enabled. We have an MVC application that creates users in Azure Active Directory using the Graph API (https://learn.microsoft.com/en-us/graph/api/user-post-users?view=graph-rest-1.0&tabs=http).
When I logged in to the Azure portal for the first time with a newly created user, it asked for more information to set up the Microsoft Authenticator app on my phone. I set up the account in the Authenticator app successfully. When I tried to sign in again after signing out, it was supposed to send a notification to my phone for approval, but the portal allowed me to sign in without MFA verification.
The Security Defaults setting does not work as expected when a user created with the Graph API tries to log in to the MVC application. It works fine when I log in to portal.azure.com.
Is there any solution to this issue?

Two login flows with MSAL integration in iOS App

We have an iOS app that has its own login mechanism, and one of our customers uses SSO login (with an MS account) in our app. Now they have asked us to integrate MS Intune into the app, as they want to apply app protection policies to our app.
I have started integrating the MS Intune iOS SDK along with the MSAL library as described in the documentation.
But I am stuck with an issue that is described in the document (https://learn.microsoft.com/en-us/mem/intune/developer/app-sdk-ios#apps-that-do-not-use-adal-or-msal):
"Apps that do not use ADAL or MSAL
Apps that do not sign in the user using ADAL or MSAL can still receive app protection policy from the Intune MAM service by calling the API to have the SDK handle that authentication. Apps should use this technique when they have not authenticated a user with Azure AD but still need to retrieve app protection policy to help protect data. An example is if another authentication service is being used for app sign-in, or if the app does not support signing in at all. To do this, the application can call the loginAndEnrollAccount method on the IntuneMAMEnrollmentManager instance:"
According to this, in order for the app to receive the policies, it has to log in and enroll by calling the loginAndEnrollAccount API. But once I call this API, it takes me to the MS login page where I can input email/password, and on success the delegate method gets called.
My question is: I end up with two login flows in my app (one from our own login and another from MS Intune), so I am not sure whether this is the correct behaviour or not.
Please let me know if you have already worked with MS Intune on iOS.
Thanks.
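The quoted documentation above describes two enrollment paths: loginAndEnrollAccount, which lets the Intune SDK drive its own sign-in UI, and, for apps that already hold an Azure AD identity (as in the first question on this page, where the broker app is expected to authenticate silently), registerAndEnrollAccount, which enrolls an account the app has already authenticated so the SDK does not need to prompt again. The following Swift snippet is an added illustration and is not code from either post or from Microsoft; it assumes the Intune App SDK is linked as the IntuneMAMSwift module, and the UPN passed in is assumed to come from the app's own MSAL sign-in.

```swift
import Foundation
import IntuneMAMSwift   // Assumption: Intune App SDK linked as the IntuneMAMSwift xcframework

/// Wraps the Intune enrollment calls so the app has a single place that decides
/// whether the SDK may show its own login UI or must reuse an existing identity.
final class IntuneEnrollmentCoordinator: NSObject, IntuneMAMEnrollmentDelegate {

    static let shared = IntuneEnrollmentCoordinator()

    /// Called once per app launch (e.g. from application(_:didFinishLaunchingWithOptions:)).
    /// `authenticatedUPN` is the user principal name the app already signed in with MSAL,
    /// or nil when the app has no Azure AD identity of its own (hypothetical parameter name).
    func enroll(authenticatedUPN: String?) {
        let manager = IntuneMAMEnrollmentManager.instance()
        manager.delegate = self

        if let upn = authenticatedUPN {
            // The app already authenticated this user with MSAL (and, if the broker is
            // configured, through Company Portal / Authenticator). Registering the account
            // lets the SDK fetch policy with that identity instead of showing a second prompt.
            manager.registerAndEnrollAccount(upn)
        } else {
            // No Azure AD identity available: the SDK must sign the user in itself,
            // which is the documented loginAndEnrollAccount path and does show MS login UI.
            manager.loginAndEnrollAccount(nil)
        }
    }

    // MARK: - IntuneMAMEnrollmentDelegate

    func enrollmentRequest(with status: IntuneMAMEnrollmentStatus) {
        if status.didSucceed {
            // Policy is now enforced for status.identity; data protection applies from here.
            NSLog("Intune enrollment succeeded for %@", status.identity ?? "<unknown>")
        } else {
            // Surface the reason rather than silently continuing unprotected.
            NSLog("Intune enrollment failed (code %ld): %@",
                  status.statusCode.rawValue, status.errorString ?? "<no details>")
        }
    }
}
```

Which branch runs is the whole difference between the two questions: with an MSAL-obtained UPN, registerAndEnrollAccount avoids a second sign-in, whereas loginAndEnrollAccount will necessarily present the Microsoft login page because the SDK has no token to start from.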

Can "msauth://broker" invoke the Intune Company Portal app? - iOS

I have a use case to fetch the login cache from the Microsoft Intune Company Portal app.
My app already has the Azure AD SDK integrated. However, after looking inside the code, I am wondering whether the Azure AD SDK works only with the Authenticator app rather than any other,
as the callback fails and no token is fetched.
Can anyone help me with this? How do I obtain a token from the Company Portal app? This is an issue only on iOS; it works perfectly on Android.
Note: the keychain ID for 'adalcache' is also specified.

Is there any way to access a resource from the ADAL.NET library (native apps) in a web browser without having to log in again?

I am currently creating a Universal Windows App (native) that uses the Microsoft Graph API. For authentication, I used the ADAL for .NET library by calling GetTokenAsync() on the AuthenticationContext (https://github.com/AzureAD/azure-activedirectory-library-for-dotnet). The library automatically prompts a login window for the user to enter their credentials.
Later I was required to open a OneNote URL in a web browser. I managed to get the note URL from the Microsoft Graph API (OneNote API), and then I realized that when I tried to open the URL in a browser I was redirected to the Microsoft login page (http://login.microsoftonline.com).
This is not very good for the user experience because they need to enter their credentials twice (in the ADAL prompt window and in the browser). Is there any way whatsoever for the user to log in only once?
The user needs to enter their credentials on the Microsoft online website, but not twice. Please debug the app and store this context ticket so you can use it in your Windows Universal app. By the way, make sure that you are not pointing your app at two different API endpoints. Go with the Microsoft Graph API endpoint and not any other legacy endpoint for your app. Hope this helps.