mattmarch  Freshman Member

@Zyxel_Melen, thanks for getting back to me. Currently utilizing the latest iOS 18.3. As you attempt to join the WiFi network using SAML, the captive portal opens and prompts for the user to authenticate with M365. If Microsoft Authenticator is being used, you have to leave the captive portal to accept the 2FA prompt from…

@Zyxel_Melen, it's also worth mentioning that if you're trying to connect using this mode from an iOS device, accepting any sort of authentication prompt from Microsoft is impossible as leaving the captive portal page on iOS will restart the process.

@Zyxel_Melen Is there any update on a potential fix for this or any advice from the development team?

Hi @Zyxel_Melen, Sure, the only difference is that the test account isn't already logged in and authenticated via the Edge browser, as well as utilizing the 'Microsoft Single Sign On' extension within Chrome. I believe the changes in the way the SP connects to the IDP needs to be reviewed, as we don't have this issue with…

Hi @Zyxel_Melen, Yes, I followed that exact guide to the letter. I tested an Entra account which isn't tied to my machine and found that worked straight away. There seems to be an issue where the SP is sending the RequestedAuthnContext value back to the IDP but may require another value. Please see the MS KB Post here:…