Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread. If you have extra questions about this answer, please click "Comment". From there you can enter your username and passwords. Tap the + button at the top right corner. Use your Touch ID or Face ID to authenticate and you’ll be in your vault. When you tap Passwords the LastPass screen will come up. If the answer is helpful, please click "Accept Answer" and kindly upvote it. Simply tap the password field and you’ll see the word Passwords come up over your keyboard. Please check the above information and if there's any update, feel free to let us know. Go to the affected device->Device compliance, click each compliance policy and check if there's any error for any compliance settings.Go to Azure AD to see if the device is also compliant.Please get a screen shot of the conditional access policy details of the failed policy. find the failed policy and click it to see the detailed failed reason. A new Safari tab or window will open and at the bottom will be a 'Log In' link. Go to the sign in log and look into the "Conditional Access" tab. LastPass will now show in the left-hand column of the Extensions Preferences and it will show that the version is 4.9.0.37.To troubleshoot the issue, please collect the following information to clarify: From your description, it seems condition access policy block our access. Works fine for BYOD Android I might add IF its through the Work Reeves, Thanks for posting in Q&A. My assumption is the iOS app is using an embedded Safari browser that for some reason can't play with Conditional Access, however that is a HUGE issue because out LastPass is federated/SSO. UPDATE: As a work around I've removed the Compliant Device requirement for iOS and it works without issue. To see a list of browsers that support device identification, see Access to the resource requires a compliant device. The user is using a browser that does not support device identification so the device state is unknown. Sign-in log is also void of the Device ID in this specific log, so it's as if after signing in to the phone app that is SSO'd the deny message says they must use Edge or Safari, but the users are using Safari when they get the message. Sign-In logs show the user is using a non-compliant device, however the device IS compliant.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |