In our organization, we have enforced a device compliance policy to ensure that business applications are accessible only from compliant devices.

However, the Clarity Mobile App uses a built-in browser that does not pass device information to Microsoft during the SSO process. As a result, Microsoft identifies the device as unknown and blocks access.

Is this a known issue?

Clarity Mobile App

By design, the Clarity Mobile App built-in browser does not send device information to IDP.

Possible approaches:

• Use the mobile device's system browser instead of the native app
• Exclude the Clarity app registration from the device compliance Conditional Access policy
• Raise with Broadcom Product Management an enhancement to request MSAL/broker integration in a future release