Within the Workday service you have the option to configure the "Enable Mobile Browser SSO for Native Apps" and set it to True. While logging in the Workday app, a browser session is started and you will be able to logon.
For iOS another option is released, that allows you to Use SSO app extensions on more iOS/iPadOS apps with the Microsoft Enterprise SSO plug-in for apps that do not support the MSAL.
Do you have any Conditional Access policies configured for Exchange Online? Most likely you are requiring a compliant device in one of your Conditional Access policies. To be compliant, enrollment is required.
Hi @NiklasFth-7951
Within the Workday service you have the option to configure the "Enable Mobile Browser SSO for Native Apps" and set it to True. While logging in the Workday app, a browser session is started and you will be able to logon.
For iOS another option is released, that allows you to Use SSO app extensions on more iOS/iPadOS apps with the Microsoft Enterprise SSO plug-in for apps that do not support the MSAL.
Read more about it here: https://docs.microsoft.com/en-us/mem/intune/fundamentals/whats-new#use-sso-app-extensions-on-more-iosipados-apps-with-the-microsoft-enterprise-sso-plug-in. @ChrisFors-1758 this could also help you with SalesForce.
kind regards,
Peter