Sage People mobile app FAQs

  • Q: Are there any known limitations or differences in how the Salesforce Mobile App’s embedded browser passes device compliance or identifiers to Azure AD compared to Safari?

  • A: While the Salesforce Mobile App uses Safari's underlying web components, the key difference lies in the context and brokering of authentication. Direct Safari, especially when part of a device enrolled and managed by Intune MDM, can pass the necessary device compliance state through deeper OS-level integration. Salesforce designed the app's embedded sessions with privacy and security in mind. They isolate the app from general browsing data. Also, Salesforce uses its own MAM strategy and doesn’t integrate with the Microsoft Intune SDK. Therefore, these sessions don’t automatically provide the detailed device identity or compliance signals expected by Conditional Access policies that require device compliance. See Salesforce.com for more information.

  • Q: Are there any current or planned ways to support brokered authentication flows (for example, MSAL, Microsoft Authenticator integration)? This would enable the Salesforce Mobile App to pass required device compliance signals for Conditional Access.

  • A: Currently, there’s no roadmap for direct implementation.

  • Q: Does the Salesforce Mobile App support Intune App Protection Policies (MAM), and if so, can this resolve Conditional Access issues?

  • A: The Salesforce Mobile App doesn't directly support Microsoft Intune App Protection Policies (MAM) in the way that many other Microsoft or partner applications do. See Microsoft.com for more information.

  • Q: Are there any recommended troubleshooting steps or logs (for example, HAR logs) that can help diagnose this behavior more precisely?

  • A: Capturing the network log through the simulator is the only available option. Login works in the Safari browser but fails within the Salesforce Mobile App. This happens even though the app uses native Safari browser components. As confirmed by the referenced article, Salesforce's Mobile App is currently not supported for this login scenario. See Microsoft.com for more information.