Custom WebView not working in Shared Device Mode #2366

Open
Joe-Palmer opened this issue Oct 10, 2024 · 2 comments
@Joe-Palmer

We have built authentication into our app using a custom WebView as described here:

https://learn.microsoft.com/en-us/entra/msal/objc/customize-webviews#change-per-interactive-request

This works fine on all devices except those we have configured with Intune to use Shared Device Mode.

I can't find any documentation that says this won't work and I can't think of any reason why it shouldn't so is this a bug?

@hieunguyenmsft hieunguyenmsft self-assigned this Oct 10, 2024
@Joe-Palmer
Author

I have done some more testing and I can confirm that this is definitely a bug. Enabling Shared Device Mode causes the `webviewType` setting to have no effect so this impacts all types of WebView, not just custom WebViews.

This can be easily replicated by simply installing and uninstalling the Authenticator app on a device configured with Shared Device Mode. Attached are 2 screenshots running exactly the same code with `webViewParameters.webviewType = .authenticationSession` with the only difference being whether the Authenticator App is installed.

It is almost like MSAL somehow launches the Authenticator App's WebView (when it is installed and using Shared Device Mode) but doesn't respect any of the WebView settings.

Any idea how to fix this? The WebView being launched doesn't support our authentication method so we need to set a different type.

IMG_0031
IMG_0030

@mipetriu
Contributor

Hi @Joe-Palmer, Shared Device Mode relies on the Microsoft Enterprise SSO extension for authentication. When the SSO extension is enabled for the device and the Authenticator app is downloaded, the SSO extension's UI will show up over your app and handle the login request using the improved SSO and security features offered by the Authenticator app.

It's true that in this case, the login webview belongs to the SSO extension rather than to the MSAL implementation in your app. This behavior is expected whenever the SSO extension is enabled for the device, not only in Shared Device Mode.

> Any idea how to fix this? The WebView being launched doesn't support our authentication method so we need to set a different type.

Could you share more about this? The SSO extension has capabilities to provide SSO with the Safari browser and other apps that do not use MSAL.

@mipetriu mipetriu assigned mipetriu and unassigned hieunguyenmsft Oct 21, 2024
@mipetriu mipetriu added question and removed bug labels Oct 21, 2024