Microsoft is releasing Just in Time Registration for Setup Assistant with modern authentication for iOS and iPadOS devices that enroll through Apple’s Automated Device Enrollment.
According to a Microsoft blog, this is an improvement to the Setup Assistant with modern authentication enrollment method since it no longer requires the Company Portal app for Azure AD registration or compliance checking.
Microsoft says by removing the Company Portal requirement, it eliminated extraneous steps, removed required app downloads that can’t be changed, and put an end to switching between apps to get the device compliant. This is designed to streamline the user flow.
With JIT Registration, once the user completes enrollment during Setup Assistant and lands on the home screen, the user authentication can be completed in any Microsoft Office application to register the device with Azure AD and kick off compliance, according to Microsoft.
The compliance checks are integrated right into the Office app that is used for authentication, so the user doesn’t need to switch between multiple apps to understand the steps that they need to take to become compliant, the company says.
Microsoft is utilizing Apple’s single sign-on (SSO) extension functionality to significantly minimize authentication prompts. The first authentication in Setup Assistant completes enrollment and establishes user device affinity while the next authentication handles Azure AD registration within a pre-authorized Office app.
According to Microsoft, this ensures that SSO is fully established across the device. These authentications are all that are required to fully enroll the corporate device with Intune, register it with Azure AD, and ensure compliance on the device with a fully integrated compliance experience right within any Office app.
Read the Microsoft blog to learn about how to setup the admin-side configuration for JIT Registration for ADE, or watch this video.
Leave a Reply