We are using AuthenticationBroker (In a UWP App) to do SSO (IDP is Azure AD), and it is working fine if conditional access is not turned on with "Require Domain Joined Device".
But when it is turned on, it will fail with error message saying the device is not recognized, even the device is Azure AD joined.
We tried IE and Edge, it is working fine there.
We've also tried using WebView to do SSO, it is the same behavior.
My question is how do we authenticate user in UWP using SSO (Azure AD Join)?