Forum Discussion

Charlie8002's avatar
Charlie8002
Copper Contributor
Aug 11, 2025

InTune policies blocking callback from Edge browser

InTune policies blocking callback from Edge browser

I'm using a BYOD Android phone enrolled in our company's InTune company portal. A few months ago, I ran into an issue where I'm unable to authenticate to a MatterMost chat server from the MM app in my work profile. When I enter the server address and click log in, it takes me to a browser window inside the MM app (but using Edge) to authenticate using the host organization's SSO. Once I enter my credentials, it sends a callback using this URI scheme:

mmauth://callback?MMAUTHTOKEN=<token>&MMCSRF=<more data>.

However it looks like Edge prevents this callback from reaching the MM app because I get a popup saying: 

No available apps 
There are no apps currently configured on this device that your organization allows to open this content. Please ensure you are signed in with your work or school account to your managed apps or contact your organization's support team.

I assume this is because our IT has either "Restrict web content transfer with other apps" or "Allow app to transfer data to other apps" policy settings enabled. In general things are pretty locked down so that data can't be shared between non-Microsoft apps, and even then some things can't be copied and pasted from one Microsoft app to another.

I reached out to our company IT support but he seemed to think the only possible solution was to allow Chrome inside the Work profile to bypass the Edge restrictions. For obvious reasons, no one in IT or the company leadership wanted to implement this solution.

Are there any other solutions where MatterMost or even just that specific "mmauth" URI can be white-listed in InTune to allow MatterMost to complete the authentication? Not looking to try to get around policies, but would like to have a informed discussion with our IT on maybe adjusting the policy to be more functional.

1 Reply

  • The error message you see “No available apps… your organisation allows to open this content”

    indicates that Intune's App Protection Policies (APP) or Mobile Application Management (MAM) settings are blocking Edge from passing the mmauth:// URI back to the Matter Most app. This usually occurs due to the restricted data transfer policies, such as:

    Restrict web content transfer with other apps

    allow app to transfer data to other apps set to “Policy managed apps only”

     

    Edge is being treated as a managed browser, which enforces strict URI handling and app handoff rules

     

    Matter Most not being listed as a managed app in Intune, hence it is blocked from receiving data from Edge

Resources