User Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.1 Safari/605.1.15

Steps to reproduce:

With Azure Conditional Access you can check if a computer is a company managed device (for example managed with Microsoft Intune/Endpoint Manager).
You can set policies like block access to company (Cloud) applications from unmanaged devices.

In chrome you need to install an addon (https://chrome.google.com/webstore/detail/windows-10-accounts/ppnbnpeolgkicgegkbkbjmhlideopiji) and in Edge you need to logon with company account to get this work.
But no way in Firefox yet (https://chrome.google.com/webstore/detail/windows-10-accounts/ppnbnpeolgkicgegkbkbjmhlideopiji)

So I think to get this work by Microsoft, Firefox needs access to the personal computer certificates. These certificates are used to check if it is a managed device.

Actual results:

For example access to applications are blocked in Firefox from all devices (managed/unmanaged).

Hello,

I've found something similar in Firefox Add-ons: https://addons.mozilla.org/en-US/firefox/addon/windows-10-accounts-port
Can you please check if that helps?

However, the Chrome extension is created by Microsoft, so they should offer it for Firefox as well, and in this case this bug is Invalid.

You pasted the same link twice, were there any Firefox errors you wanted to expose?
Thank you!

Thank you for your response!

Sorry about the duplicate link. I wanted to share the official Microsoft docs: https://docs.microsoft.com/en-us/azure/active-directory/conditional-access/concept-conditional-access-conditions
Under Supported Browsers you can see that Firefox isn‘t listed.
So I tried to understand why it isn‘t supported. And I think because Firefox has no access to the personal computer certificates (not trusted root or intermediate certificates) to support a device authentication. Can you confirm this?

Sure, Microsoft should implement this add-on, but I think she can‘t, because Firefox is missing the ground functionality.
Here is an older thread who somebody contacted Microsoft support: https://social.technet.microsoft.com/Forums/en-US/eafe0951-3929-46d1-bcbd-bbe5c006f0e4/firefox-not-compatible-with-conditional-access-why?forum=microsoftintuneprod

I can check the Add-on you found, but I can‘t imagine that it works or our company will trust this third-party developer.

I am confirming this enhancement and move it to the Security component.
Please feel free to switch the component in case it is not correct. Thank you!

The feature is available with Firefox 91.

https://docs.microsoft.com/en-us/azure/active-directory/fundamentals/whats-new#public-preview---azure-ad-single-sign-on-and-device-based-conditional-access-support-in-firefox-on-windows-10

Thank you for the information! I'm glad it got fixed, I'm closing this issue.

Hi, can anybody tell me if this will also be fixed in Thunderbird? (E.g. related link bug 1697805)