2. If you haven't already done so, download and install the Microsoft Authenticator app. Sign in, and register your device in the Microsoft Authenticator app.
3. In the Apple App Store, search for the Microsoft Defender app.
4. Sign in and install the app.
6. Allow the Microsoft Defender app to set up a VPN connection and add VPN configurations.
7. Choose whether to allow notifications (such as alerts).
Device will not onboard. Not using InTune.
The problem was - the user was not registered to our organization in the Microsoft Authenticator app. Once I enabled that it appeared in AAD and Defender admin screens.
Need to update the instructions to say that even though MS Authenticator will ask you for your business username and password when installing the app - you still need to go back into settings and click on "Device Registration" and then sign in again with your business account.