IBM Support

Device registration steps for Azure Conditional Access - Android

How To


Summary

MaaS360 uses the Microsoft Authenticator broker app to register devices into Azure AD. After the registration, the MaaS360 portal sends the device compliance status returned from the devices to Azure AD, where Conditional Access makes decisions to either grant or deny access to Microsoft-approved cloud apps.

Steps

Follow these steps to register your app in Azure AD:

1. Navigate to MaaS360 Settings > Corporate Settings and then tap Configure Microsoft Authenticator. You will be redirected to the Google Play Store where you can download and install the Microsoft Authenticator app.

Configure MA appConfigure MA appInstalling MA app

2. After installing the app, tap the Configure Microsoft Authenticator option in the Corporate Settings again to initiate the device registration. The Register your device dialog box is displayed.

Register device

3. Click Continue. The Microsoft Sign-in page is displayed.

Sign in page

4. Provide valid user credentials and follow the on-screen instructions to complete the registration.

Microsoft Sign in  Register Success 

Note: If the configuration fails, please reach out to your corporate administrator. If the registration is successful, a device record is created in the Azure AD portal.

After registering the device to Azure AD for Conditional access, users can tap the new Recheck Status button to check the latest device registration status. If the authentication details are missing or the device is removed from the Azure portal, users are redirected to the authentication screen to complete the device registration again.

Refresh Status

How it works

Conditional Access verifies the device enrollment status, Azure AD registration, and device corporate policy compliance to grant access to the Microsoft approved cloud services (or apps).

If the device does not comply with the organization's policies, access to Microsoft services and apps is blocked.

image-20210329222548-8

While accessing the Azure services, if the device is either not enrolled or registered to Azure AD, the access to Microsoft services and apps is blocked and the following screen is displayed. Users must tap Enrol Now to initiate the enrolment and device registration.

image-20210329222548-9

Note: If you notice any issue while authentication, device registration, or accessing Azure services, please contact your administrator for further assistance.

Document Location

Worldwide

[{"Line of Business":{"code":"LOB24","label":"Security Software"},"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Product":{"code":"SSYSXX","label":"IBM MaaS360"},"ARM Category":[{"code":"a8m0z000000070YAAQ","label":"COMPLIANCE"},{"code":"a8m0z0000000712AAA","label":"INTEGRATIONS"}],"ARM Case Number":"","Platform":[{"code":"PF003","label":"Android"}],"Version":"All Version(s)"}]

Document Information

Modified date:
01 December 2021

UID

ibm16437477

Page Feedback