Edge Mobile Will Support SSO and Conditional Access

Posted on April 22, 2019 by Paul Thurrott in Microsoft Edge, Mobile, iOS, Android with 9 Comments

Microsoft announced today that its Edge for Android and iOS will support Single Sign-On (SSO) and conditional access, two enterprise access protection technologies.

“Microsoft Enterprise Mobility + Security (EMS) is excited to deliver conditional access protection for Microsoft Edge on iOS and Android,” Microsoft product manager Mayunk Jain announced. “This integration expands your management capabilities as you deploy Microsoft Edge for the best browsing experience across all endpoints in the enterprise.”

Two new capabilities are now available for Edge mobile in public preview. They are:

Single sign-on (SSO). As it does for consumers with its Microsoft account (MSA), Microsoft allows its enterprise users to enjoy a single sign-on (SSO) experience across connected web apps and services via Azure Active Directory (AAD). So now, Microsoft Edge on mobile can take part in SSO, allowing users to access AAD-connected web apps and services without having to sign-in again.

Conditional access. Now, organizations can require their employees to use the Microsoft Intune-protected Edge mobile, instead of unprotected browsers like Safari or Chrome, to access AAD-connected web apps and services. “This allows you to secure access and prevent data leakage via unprotected browser applications,” Jain explains. “A similar protection can be applied to Office 365 services like Exchange Online and SharePoint Online, the Office portal, and access to on-premises (intranet) sites via the Azure AD Application Proxy.” Users who attempt to use an unprotected browser will be prompted to open Edge instead.

In addition to these features, Microsoft Edge on mobile also supports Dual-Identity (separate corporate and personal work identities), configuration settings (for a homepage shortcut, bookmarks, MyApps integration, Azure app proxy, allow and block URL lists, and more), fast page-rendering, and a rich set of personalization and productivity features when the device is managed by Microsoft EMS, Jain notes.

Tagged with ,

Join the discussion!


Don't have a login but want to join the conversation? Become a Thurrott Premium or Basic User to participate

Comments (9)

9 responses to “Edge Mobile Will Support SSO and Conditional Access”

  1. BoItmanLives

    Why would I want a copypaste knockoff Chrome on Android, when I've already got the real Chrome on Android ..built in, out of the box.

    And once MS realizes nobody cares about Chrome-Edge, they'll abandon it just like the previous half baked Edge.

    • mestiphal

      In reply to BoItmanLives:

      Also, if you have a Samsung, which comes with it's on browser which you can't uninstall either you can have a nice little collection!

    • Tony Barrett

      In reply to BoItmanLives:

      I have a feeling you may be right. Edge now has a stigma attached to it, which from past experience, will be hard to shift as Chromium Edge will still be called 'Edge'. MS have experienced this before, and never recovered.

      • Greg Green

        In reply to ghostrider:

        This is what I don’t understand. They have to change the product name because (my guess) 95% of the computer users don’t know about the new edge. And most of those are happy with real chrome, not fake chrome.

    • rm

      In reply to BoItmanLives:When your company doesn't let Chrome or any other browser run on your phone to protect company data, you will you Edge. Otherwise, if you use your MSA on a Windows computer and you want your browser information to sync without Google using that data to show you ads or sell to other companies for money.

  2. rm

    Sounds like the only browser you can you to properly protect your company information is to use Edge on your phone if you are using MSA or AAD. This is not an option if your company turns that requirement on for your phone.

  3. nbplopes

    Why is SSO such a special consideration of Edge and not of other browsers?. I use right now SSO across all browsers.

    What is this Sh* I’d protected vs unprotected. Please specify.

    Fear mongers.

  4. BoItmanLives

    In reply to MutualCore:

    Or Microsoft Privacy Invasion. It's just swapping one data thief for another.

    Fun fact, MS still hasn't provided a telemetry OFF switch for Windows 10.

    Off ya go.

  5. Eric Dunbar

    In reply to BoItmanLives:
    Not everyone wants to live under the yoke of Google privacy invasion.

    So they live under Microsoft's privacy invasion instead!