iOS (Intune Managed Device) - Steps to activate SCA in your Azure Tenant
This guide shows you all required steps to onboard SCA in your environment. This configuration uses SCA with Mobile Application Management (MAM) within Microsoft Intune. Our App can be downloaded from the App Store directly and installed on any iOS/iPadOS device. The moment a user connects with the AAD-account, Conditional Access enforces our App to require an App Protection Policy for the SCA.
For this Quick Guide, the AAD-Role “Global Administrator” or a comparable Administrator role in Microsoft Intune is required, depending on your RBAC-Concept.
You need an Azure-User with a proper license assigned. The test-device for SCA should be deployed to Intune and have the latest OS-version and Microsoft Authenticator installed.
You need additionally an Azure-Security Group with your test user as Member.