Unable to access Azure AD SAML mobile app in android 8.0 mobile device

Gaurav Kumar 1 Reputation point
2024-04-23T11:47:24.5533333+00:00

We have an Azure AD enterprise app which supports SAML protocol for authentication. The app is working fine when accessed from system's browser, mobile device browser or when installed on personal Android /iOS device. However, when the same app is installed on MDM-registered device, the app is not accessible. The app can be accessed from the browser on the same device. The device is controlled by VMWare Workspace. The VMware team has also configured the SSO configs for this app in order to access it from the registered device. We are unable to see any sign-in attempts in the AAD sign in logs when the app is accessed from the registered Android device. (installed one) However, when it is accessed from the same device's browser, it is recorded in AAD sign-in logs. We are using PTA authn in our hybrid AAD environment. So the requests are going to ADFS from AAD for completing authN. When the app is accessed from browser, user gets the ADFS prompt to enter his creds, but not when the installed app is accessed. The user is getting the error page after entering his AAD creds. (error is attached.)Image

Microsoft Identity Manager
Microsoft Identity Manager
A family of Microsoft products that manage a user's digital identity using identity synchronization, certificate management, and user provisioning.
617 questions
Active Directory Federation Services
Active Directory Federation Services
An Active Directory technology that provides single-sign-on functionality by securely sharing digital identity and entitlement rights across security and enterprise boundaries.
1,193 questions
Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
19,561 questions