Forum Discussion
Managed Home Screen MSAL - severe issuse
Hi Intune Community!
We are currently experiencing severe issues with Managed Home Screen and MSAL on our shared Android devices, managed as dedicated with Entra Shared mode.
Anyone else experiencing issues?
Quite often when a user types her user name at the MHS sign in page and press the Sign In button, the screen only blinks and nothing happens.
Only workaround is to restart the device and then it often works to sign in a user once or twice, until same issue happens again.
It affects all devices and all users and we have tried both the latest version of MHS and some older version. No difference.
Some things that we have seen is:
- If we exit kiosk mode and start the Intune app it says "Something went wrong" and shows a Register button. This is however gone when restarting the device. (see images below)
- If we start the Authenticator app, also after exit kiosk, it asks for "organization email" and shows a Register button. This is also back to normal once you restart the device. (see images below)
- If we let the device be after trying to sign in, 10-20 minutes later it has managed to sign in and asks for setting a Session PIN. The problem is that it is the user who last made a successful sign in who gets signed in. Huge security issue.
- We also see that Edge and Teams (probably other msal-enabled apps as well) doesn't behave as normal even if you successfully sign in. Teams ask what account to sign in with. Either selecting the suggested account or pressing the Back-button (<) signs you in. (see images below)
12 Replies
Hi, NiklasJenslov! Appreciate you flagging this. We confirmed with engineering that a fix was deployed last Friday (9/5) to address this issue. Please keep us posted if you continue to experience any issues with this. Thanks!
Hi,
As I wrote earlier in this thread, the issue is not solved for us, or at least have taken another shape.
Managed Home Screen MSAL - severe issuse | Microsoft Community Hub
Do you use overlay buttons? I've been looking into some troubleshooting. In my case when i was signing out with user A, the username remains filled in MHS login screen. I've checked then from debug menu the Authenticator app, and it's exactly like in your case: "requiring org email address to register the device". Now if i press the recent button and close all apps (including MHS), then the login screen is cleared. Checking again the authenticator app status, and it was ok (device registered in shared mode) and i can login with user B
Teams app is acting sometimes weird, asking my work email, or sometimes i get a pop-up screen where i'm asked to sign out (or cancel)
I assume is from MHS side, not sure. Hope Microsoft will fix this.
That definitely sounds like a serious issue. From what you’ve described, it seems MSAL token handling is failing under Managed Home Screen in shared device mode, which explains the blinking sign-in page, delayed logins, and wrong-user session carryover. The fact that apps like Edge and Teams are also misbehaving points to a broader MSAL/Entra Shared Mode integration bug rather than a device-specific configuration problem.
A few things worth checking while waiting for a fix:
Confirm devices are on the latest Android Enterprise and Intune Company Portal/Authenticator builds.
Try collecting logs with Company Portal > Help > Send Logs right after the failure—it might capture MSAL errors that can help escalate with Microsoft support.
If security is a major concern, consider temporarily disabling MHS on shared devices and using a simpler kiosk configuration until this stabilizes.
Since you’ve reproduced it across multiple versions of MHS and multiple users, I’d recommend opening a critical severity case with Microsoft—this looks like something that needs product team attention ASAP.
I 've send an email tomailto:email address removed for privacy reasons, this was their answer:
Thank you for reaching out. We are aware of the issue and working to resolve it as soon as possible.
Please open a ticket with Microsoft support for fastest assistance. Additionally, can you please upload logs from Managed Home Screen and reply to this mail with the log ID so we can investigate? To upload logs, tap the back button from within MHS 15 times. Select “Get help”à “Upload logs” and tap the green arrow. Please send the Easy ID.
Did you find a solution for this?
We started to face these issues also lately
We have kind of the same issue: when typing user name and hitting the sign in button, nothing happens, maybe some blinking.
Exit kiosk mode and clearing the cache of Managed Home Screen app helps for 1 or 2 times.
This happens on 50% of our shared devices.
A fix for this issue was pushed out on Friday, September 5, with version 6.2509.5952 of Authenticator app. We tested it on some devices, problem seems fixed.
For us it did not solve the issue.
Signing in to MHS now works, the part where the MHS Sign In screen just blinks is gone.
However, SSO to Edge and Teams does not work. Starting Teams signs you in as the previous user which is a huge security issue. Signing in to Teams doesnt work as expected either, but at least not signed in as someone else.
