Updated January 17, 2023: The change has been delayed. We will update this post when it's time to replan for this future change.
Updated December 19 2023: We’ve been hard at work to improve the...
Updated Dec 20, 2023
Version 11.0
Blog Post
5 MIN READ
Upcoming changes to iOS/iPadOS Company Portal app deployment for Setup Assistant with modern auth
AnyaNovicheva
Microsoft
MicrosoftHi Ginsmon_Joseph_IAEA, Darren O'Leary, and Peter_Holdridge, thank you for your feedback, it's very appreciated!
- The Company Portal authentication method is not affected with the changes outlined in this post, only Setup Assistant with modern authentication for iOS/iPadOS. However, I highly encourage you to move your iOS/iPadOS ADE enrollment profiles and devices over to Setup Assistant with modern authentication as soon as possible because we will be deprecating the Company Portal authentication method in the future. There will be a new blog post about this later on with more details. Setup Assistant with modern authentication is the main ADE authentication method for enrollment and we are continuously investing in improving the flow.
- While the Company Portal app is currently required for Azure AD registration and device compliance for Setup Assistant with modern auth, that will not always be the case when Just in Time Registration for Setup Assistant with modern auth (iOS/iPadOS) releases in public preview. With Just in Time Registration, the Company Portal will no longer be required for Azure AD registration or compliance checks, and this will all be handled behind the scenes with Apple's SSO extension and will be done with an authentication in a configured Office app. More details are coming on this soon in a blog post.
- Everyone will be required to stop the automatic deployment of the Company Portal app and app config policy from the Setup Assistant with modern authentication enrollment profile. We made this decision based on issues with the automatic deployment, which include the inability for auto-updates to work on the Company Portal, incorrect configuration of duplicating the app config policy, and back up and restore issues. Once JIT Registration releases in public preview, the Company Portal will be fully optional and you will be able to send it manually as an available or required app with the attached app config policy if your organization chooses to do so. That way, auto-updating of the Company Portal will work and there won't be any app config policy duplication that results in incorrect management profile downloads. Due to these issues that customers have been facing, Intune making the Company Portal piece optional allows for granular customization. Soon, admins will be able to configure and target the Company Portal exactly how they want, and this will get rid of any current issues.
Just to clarify, we are not removing the Company Portal aspect of Setup Assistant with modern authentication, we are making sure admins can configure and target the app exactly how they want while making it optional in the near future.
thank you!