MicrosoftI’m thrilled to see that you’re actively supporting Vision Pro! Recently, Microsoft Authenticator became available, which is fantastic. However, it would be incredibly helpful to have an option to differentiate between iOS and visionOS devices when configuring MAM policies. For instance, I need to set different minimum OS versions for iOS and visionOS, as their versioning schemes differ.
Additionally, it would be great to customize other policies based on device type. For example, on iOS devices, I can configure the inactive timeout policy to prompt for a password or Face ID after one minute when the app is minimized. On Vision Pro, however, apps like Microsoft Teams lose focus much more frequently, and I’d prefer to set a significantly higher timeout value specifically for this device class. This kind of flexibility would greatly improve both user experience and device management.
Currently, the only way to support Vision Pro (AVP) is to lower the security requirements for all devices by removing the minimum OS version setting and increasing the timeout to high values. However, in our company—as in most others—the user base for AVP is not yet significant enough to justify this compromise. As a result, we’re left with no choice but to exclude Vision Pro devices entirely.
