Forum Discussion

Phillipp's avatar
Phillipp
Copper Contributor
Mar 25, 2025

Web-based device enrollment vs Company Portal

Hi everyone,

Microsoft recommended the web based device registration for IOS, especially bring your own device.

 

I went through the whole process. The main difference is that the user doesn't need to install the company portal and you need to configure the JIT (Just in time registration).

The enterprise portal should be delivered as a web application. 

 

The user experience:

 The user goes to the URL https://portal.manage.microsoft.com/enrollment/webenrollment/ios.

The profile is loaded, then the user has to go to the settings application and install the profile.

The user has access to the company portal with the web application. 

 

Microsoft recommends JIT (just in time registration) for web-based device registration.

I see the advantage of less logins for the user (thanks to JIT) and no Company Portal app on the device.

What is the advantage of web-based device enrolment?

Why did Microsoft recommend this method of registration?

Intune
mobile device management (mdm)

2 Replies

  • Bogdan_Guinea's avatar
    Bogdan_Guinea
    Iron Contributor
    Apr 23, 2025

    Hy,

    good point..

    So the Key Features and Advantages:

    No Company Portal App Required: Users do not need to install the Intune Company Portal app. Enrollment is completed through Safari and the device’s Settings app, streamlining the process and reducing app clutter on personal devices.

    (JIT) Registration: JIT registration is recommended (and in some cases required) for web-based enrollment. It leverages the Microsoft Authenticator app to register the device with Azure AD at the moment of need, enabling single sign-on (SSO) and reducing the number of times users must authenticate during both enrollment and subsequent app access, but you had also pointed through this 😉

    User-Friendly Experience: The process is faster and more intuitive, with clear guidance provided at each step. Users initiate enrollment by visiting a dedicated URL, download and install a management profile via Settings, and are then ready to access company resources through a web-based portal.

    BYOD Focus: This method is ideal for personal devices, as it protects corporate data without intruding on personal data or apps. 

     

    Hope it helps.

    Good luck!

    • Bogdan_Guinea's avatar
      Bogdan_Guinea
      Iron Contributor
      Aug 02, 2025

      Phillipp​ 

      Hi,

      If the provided solution addressed your issue, please mark my answer on the case as resolved. This will help others identify helpful solutions more easily.

      Thank you, and wishing you all the best!

Resources