Add an identifier that ADFS can find that app is Box for EMM in User-Agent.
Could you please consider adding an identifier that ADFS can find that app is Box for EMM in User-Agent.
We found Box for EMM does not include any identifier like "Box for EMM" in its User-Agent when doing authentication with MAM checked-in. We just only allow access that "Box for EMM" includes in User-Agent. Therefore, ADFS cannot determine whether an application is Box for EMM or not and the user is unable to access from Box for EMM.
takaaki kumagai commented
Today, when Box for EMM of iOS performs MAM authentication, it is not possible to perform additional authentication configuration using browser-like functions such as certificate authentication.
The 'Safari View Controller' cannot solve this issue.
Because this certification is performed by the Intune library.
Another scenario is to configure Box for EMM so that the Intune library uses ADAL or MSAL authentication.
With this method, Box for EMM can use certificate authentication for MAM authentication.