We have set a compliance policy in MS Entra to require that only devices that are registered and compliant with our email tenant can access our WebView2 email application. Prior to creating and sending new email messages, the user must log in to their account. We have verified that the policy works properly when logging in with Outlook, but not with the WebView2 app. Below is the policy that was created. The target resource is 'Office 365'.

Here is the compliant device listed in Entra:

This is the result when the user logs in to their account from within the WebView2 app:

I assume the answer lies in either our WebView2 browser setup, or with our interface to Graph API. Here are some of the changes we've made to the Graph application builder.

Using UseEmbeddedWebView for the auth process with both true and false has had no effect:

I've also tried creating some additional browser arguments in the WebView2 code.

There isn't much documentation online to solve this. I've seen where MS has posted code that enables the WebView2 browser to use the auth for the user that logged into Windows. This won't work for us as we allow the user to log in with multiple email accounts when sending email.

Any help resolving this would be greatly appreciated. We have users that are stuck until we get a solution for this.

Thanks!
