By: Harish S | Sr. Product Manager - Microsoft Defender & Rishita Sarin | Product Manager 2 - Microsoft Intune
One tap to compliance: Introducing the Resolve workflow for Compliance Remediation in Microsoft Intune and Microsoft Defender on iOS.
We’re thrilled to announce a major step forward in simplifying the compliance remediation experience for users and IT admins alike. As part of a collaboration between Microsoft Intune and Microsoft Defender, we’re introducing a new compliance remediation workflow, which uses a Resolve button to make it easier than ever for users to bring their mobile device back into compliance.
Why this matters
Traditionally, when a user’s device was marked noncompliant due to missing security apps like Microsoft Defender, they had to navigate through multiple apps, follow multi-step instructions, and often re-authenticate – often to resolve a single issue. This created friction, confusion, and delays in regaining access to corporate resources.
With the new end-to-end remediation workflow triggered by the Resolve button, we’re eliminating those extra steps.
What’s news
Starting with the latest releases in Intune and Defender, users on iOS and iPadOS will have a Resolve button directly within Microsoft 365 productivity apps (such as Microsoft Outlook or Teams) when their device is non-compliant due to Defender-related requirements. This button:
- Detects the non-compliance reason.
- Launches or installs Microsoft Defender if it’s missing.
- Automatically re-evaluates compliance requirements once Defender is running.
- Returns the user to their app – no switching, no guesswork.
This is powered by just-in-time (JIT) registration and compliance remediation which embeds the compliance flow directly into the app experience.
Microsoft Defender experience: Guided, automated, and frictionless return to compliance
The Resolve button is more than just a shortcut, it’s the entry point to a guided remediation workflow powered by Defender. Once launched:
- Defender auto-triggers a guided workflow that remediates issues with minimal or no user interaction.
- A checklist guides the user through necessary steps to return to compliance, ensuring clarity and confidence on common scenarios such as authentication issues, missing permissions, device registration issues, remediate active threats, and more.
- Upon completion, Defender updates the compliance state of the device.
- The user is automatically redirected back to the productivity app they started from with no manual navigation required.
This seamless handoff between Intune and Defender ensures that users stay focused on their work, not on troubleshooting.
Conclusion
Effortless for users, efficient for admins.
If you already use JIT registration and compliance remediation in Intune for enrolled iOS devices, the Resolve button is automatically enabled for supported scenarios. If not, consider setting up JIT now to experience the new compliance remediation experience, it’s simple to configure and significantly improves user experience and support efficiency. Refer to the following documentation for more information:
- Set up just-in-time registration
- Use JIT registration and JIT compliance remediation for all your iOS/iPadOS enrollments
If you have any questions, leave a comment on this post or reach out on X @IntuneSuppTeam.
