/support/notes/service/sap_logo.png){kind=logo}
SAP Knowledge Base Article - PublicSymptom
-
Unable to access full SAP SuccessFactors functionality within the Microsoft Teams mobile app on iPhone. Basic features such as chat, notifications, and some EC quick actions work, but full access fails during authentication.
-
Authentication fails because Microsoft Entra ID Conditional Access marks the device as non-compliant. The login attempt is routed through a Safari-based WebView instead of the device’s default browser (Microsoft Edge), preventing required device compliance information from being passed.
-
Access works when SAP SuccessFactors is opened directly in the Edge browser on the same device.
-
We can see Error logs similar to:
- Failure reason: Browser not supported
Additional details: The user is using a browser that does not support device identification so the device state is unknown. Access to the resource requires a compliant device. To see a list of browsers that support device identification, see https://learn.microsoft.com/entra/identity/conditional-access/concept-conditional-access-conditions#supported-browsers
- Failure reason: Browser not supported
Environment
SAP SuccessFactors HCM Suite
Reproducing the Issue
- Open the Microsoft Teams app on an iPhone and launch the SAP SuccessFactors app within Teams.
- Select the option to start or sign in.
- Observe that authentication is performed via a Safari-based WebView instead of the device’s default browser (Edge).
- Entra ID conditional access evaluates the sign-in and marks the device as non-compliant, resulting in login failure.
- Confirm that accessing SAP SuccessFactors directly in the Edge browser on the same device succeeds.
Cause
Microsoft Teams on iOS uses a Safari-based WebView for embedded authentication flows. Due to iOS operating system limitations, Teams cannot enforce the use of external browsers such as Microsoft Edge. As a result, the authentication flow does not pass the expected device information required by Entra ID conditional access policies, leading to sign-in failure. This behavior is consistent across iOS devices and is not specific to SAP configuration.
Resolution
This is expected behavior due to iOS WebView restrictions. Microsoft Teams on iOS cannot redirect authentication flows to the device’s default browser (Edge).
Workarounds:
- Access SAP SuccessFactors directly using the Microsoft Edge browser on the iPhone.
- Use the desktop version of Microsoft Teams where applicable.
- If required, submit a support ticket to Microsoft requesting an enhancement to allow external browser enforcement or proper forwarding of device compliance data from WebView-based authentication.
Note: SAP SuccessFactors cannot override the iOS WebView behavior within Microsoft Teams.
See Also
- KBA 3393964 - Supported Mobile Browsers for SAP SuccessFactors
- KBA 3347932 - SF MobileApp with MDM MS intunes - Failure to reconnect to the App with iOS - SAP for Me
- KBA 3314940 - Mobile Device Management (MDM) Access Restriction in SuccessFactors Mobile App - SAP for Me
- Help Portal Integration Between SAP SuccessFactors and Microsoft 365
- Help Portal SAP SuccessFactors App for Microsoft Teams
- Supported browsers for Conditional Access: Microsoft Entra ID Conditional Access
Keywords
teams ios, webview, safari webview, default browser ignored, conditional access, entra id, device non-compliant, iphone, mobile authentication, edge browser, chromium webview, successfactors in teams, login failed, sandbox limitation, ios browser policy , KBA , LOD-SF-EAS-WRK , Collaboration and Work Tech , LOD-SF-PLT-MOB , Mobile Issues , Problem
Product
Attachments
| Pasted image.png |
/support/notes/service/twitter.svg)
/support/notes/service/youtube.svg)
/support/notes/service/linkedin.svg)
/support/notes/service/instagram2.svg)