Issue with SAML SSO based passwordless BYOD flow for Apple devices

kshah2589
Level 1

Hello Community,

The SAML SSO based passwordless flow (from Meraki >> Cisco ISE >> Microsoft Azure) with Windows and Android devices is working properly. We are having challenges with Apple devices. When we connect Apple devices to the SSID, the Apple CNA (mini browser) pops up automatically and gets redirected to the Microsoft login page, where we enter the username and then get a 2-digit code in the authenticator app to confirm. After that, it looks like the flow breaks, and as a result we couldn't complete a successful authentication and be redirected back to ISE to complete the next page in the flow (ex: AUP).

However, disabling CNA allows us to manually go to the browser and type in an HTTP website for automatic redirection, and we are able to complete a successful authentication and access the internet.

Let me know what could be the reason and how we can remediate the issue.

Regards,

Kunal

15 Replies

joshhunter
Level 4

I have now re-tested using the 'Captive Bypass Portal' feature on Cisco 9800. This allowed the Apple iPad/iPhone with the Microsoft Authenticator App on the same device to log in via the Captive Portal Page using Cisco ISE - Azure SAML.

Disabling Apple Captive Portal detection seems to be the only way to get this to work. By preventing the Mini-browser from opening, it stops the session from being closed when the Microsoft Authenticator App is opened.