Forum Discussion

subhashPonmala
Copper Contributor
Feb 28, 2025

Which Windows Licenses are required to manage BitLocker through Intune

License Confusion for Managing BitLocker via Intune

Scenario:

We are managing BitLocker through Intune, with recovery keys backed up to Entra ID for both Hybrid and Entra ID-joined devices. Our devices run Windows 10/11 Professional, and we have EMS E3 licenses.

Confusion:

  • Most Microsoft documents state that Windows 10/11 Professional is sufficient to enable and manage BitLocker.
  • However, one document mentions that Windows 10/11 Enterprise is required to manage BitLocker using CSP (Configuration Service Provider).

We need clarification on whether Windows 10/11 Professional is fully capable of BitLocker management via Intune or if Enterprise is required for CSP-based management.

I am providing reference Microsoft articles and screenshots to support this.

BitLocker Enablement:

https://learn.microsoft.com/en-us/windows/security/operating-system-security/data-protection/bitlocker/#windows-edition-and-licensing-requirements

BitLocker Management: 
https://learn.microsoft.com/en-us/windows/security/operating-system-security/data-protection/bitlocker/configure?tabs=common#windows-edition-and-licensing-requirements

 

Encrypt Devices with Intune:

https://learn.microsoft.com/en-us/mem/intune/protect/encrypt-devices#view-details-for-recovery-keys

 

You can find this paragraph in the above document.

"Information for BitLocker is obtained using the (CSP). BitLocker CSP is supported on Windows 10 version 1703 and later, Windows 10 Pro version 1809 and later, and Windows 11."

 

Contradictory Statement Document:

https://learn.microsoft.com/en-us/windows/client-management/mdm/bitlocker-csp

 

2 Replies

  • GriJ
    Brass Contributor

    As Danny mentioned,

    Licence is needed for Management, not for enabling BitLocker.

     

    https://m365maps.com/matrix.htm#011111000001001000000

     

  • danny_grasso
    Brass Contributor

    My take on this is from this document https://learn.microsoft.com/en-us/windows/security/operating-system-security/data-protection/bitlocker/ The note says "Licensing requirements for BitLocker enablement are different from the licensing requirements for BitLocker management."

    In the second document there is a table that shows the Windows editions support for BitLocker vs the BitLocker management license entitlements. https://learn.microsoft.com/en-us/windows/security/operating-system-security/data-protection/bitlocker/configure?tabs=common#windows-edition-and-licensing-requirements 

    I.e., you can manually enable BitLocker because the OS supports it, but cannot "manage" without the enterprise license.

     
