Let’s discuss Enable Automatic Sign-in to Bing MSN and Copilot in Microsoft Edge Browser using Intune. Microsoft Intune allows users to automatically Sign-in to Bing MSN and Copilot by using proactive authentication policy.
The proactive authentication in Microsoft Edge, that connects the signed-in user identity with Microsoft Bing, MSN and Copilot services for a smooth and consistent sign-in experience. By configuring this policy, users will get optimized experience with features like personalized search results and the Enterprise New Tab Page.
This policy helps admins to centrally manage and enforce for all Windows devices. To secure and protect organisation’s data, proactive authentication policy will helps you. Users will get a single sign-on (SSO) experience across Microsoft services like Bing, MSN, and Copilot.
Proactive authentication policy applicable for Windows 365 cloud PC scenarios. After enabling this policy, Edge browser doesn’t wait for the user to visit a specific website to ask for credentials. Instead, it proactively uses the existing, secure authentication token from the Windows session to establish a connection with Microsoft services.
Table of Contents
Enable Automatic Sign-in to Bing MSN and Copilot in Microsoft Edge Browser using Intune
By enabling this policy for Edge Bing, searches on Bing are automatically associated with their corporate identity. As you know that, stands for Microsoft Network, is a web portal and collection of internet services provided by Microsoft. After enabling this policy the default new tab page in Edge transforms into a personalized hub for the employee.
With this policy, Copilot can use information from the user’s corporate data (e.g., in SharePoint or OneDrive) to answer questions or summarize documents. With this poliy, fundamental link that connects a user’s Windows login to their browser and cloud-based services.
- Allow Basic Authentication for HTTP Using Setting Catalog in Intune
- Enforce Windows Credential UI for Edge and Negotiate Challenges using Intune
- Enable Automatic HTTPS Policy to Switch Connections from HTTP to HTTPS using Intune
Steps to Configure Automatic Sign-in Policy
Proactive authentication policy can be easily configured with Intune Settings Catalog. To configure the policy, Sign in to Microsoft Intune Admin center. Then go to Devices > Configurations > Create > New Policy.
Profile Creation for Policy
Profile Creation is very essential for Intune policy creation. This step helps to select accurate platform and profile type. Here, I selected Windows 10 and later as the Platform and Settings catalog as the profile type. Then click on the Create button.
Add Name and Description for Policy
Basic Tab helps users to add appropriate Name and Description for the settings you want to configure policy. Here Name fields helps to identify the policy and Description is helps to know the details of the policy. Here Name is mandatory and Description is optional. After adding this click on the Next button.
Select Specific Settings – Settings Picker
From the Configuration Settings tab you can select settings from different categories. Click on the +Add Settings get the Settings Picker. Here, I would like to select the settings by browsing by Category. I choose Microsoft Edge and choose Identity and sign-in. From this sub-category, I choose Enable proactive authentication settings.
Disable Proactive Authentication
If you disable this policy, Microsoft Edge does not send authentications requests to these services and users will need to manually sign-in. Disable is the default value for this policy and if you want to go with this, click on the Next Button.
Enable Proactive Authentication
If you enable this policy, Microsoft Edge authentication requests are automatically sent to the services using the account that is signed-in to the browser. Here I would like to Enable this policy and click on the Next button.
Scope Tags
The scope tags, section allow to can restrict the visibility of the Scareware Blocker Protection in MS Edge. It helps to organise resources as well. Here I would like to skip this section, because it is not mandatory. Click on the Next button.
Assign the Specific Group
Assign the Specific Group for Proactive Authentication is necessary for to configure the policy to specific devics. For this select groups according to your needs. Here I click, +Add groups option under Included groups. I choose a group from the list of groups and click on the Select button. Again, I click on the Select button to continue.
Complete the Policy Creation
After completing all the step, finally you can complete the policy using Review +Create tab. Here you can review all the details and create the Policy. After creating the policy, you will get a success message.
Monitoring Status of the Policy
The Monitoring Status page shows if the policy is succeeded or not. o quickly configure the policy and take advantage of the policy sync the assigned device on Company Portal. Open the Intune Portal. Go to Devices > Configuration > Search for the Policy. Here, the policy shows as succeeded.
Use Event Viewer for Client Side Verification
You can use Event Viewer to check the client side verification. To verify the policy is successfully configured to the client device, check the Event Viewer. Open Event Viewer: Go to Start > Event Viewer. Navigate to Logs: In the left pane, go to Application and Services Logs > Microsoft > Windows > DeviceManagement-Enterprise-Diagnostics-Provider > Admin.
- Filter for Event ID 814: This will help you quickly find the relevant logs.
| Event ID Details |
|---|
| MDM PolicyManager: Set policy string, Policy: (ProactiveAuthWorkflowEnabled), Area: (microsoft_edgev126~Policy~microsoft_edge~Identity), EnrollmentID requesting merge: (EB427D85-802F-46D9-A3E2-D5B414587F63), Current User: (Device), String: (), Enrollment Type: (0x6), Scope: (0x0). |
Removing the Assigned Group from Proactive Authentication
If you want to remove the Assigned group from the policy, it is possible from the Intune Portal. To do this, open the Policy on Intune Portal and edit the Assignments tab and the Remove Policy.
To get more detailed information, you can refer to our previous post – Learn How to Delete or Remove App Assignment from Intune using by Step-by-Step Guide.
How to Delete Disable Edge Proactive Authentication
Policy deletion is needed for some reasons. It may be needed for some security reasons. From the Configuration section, you can delete the policy. It will completely remove from the client devices.
For detailed information, you can refer to our previous post – How to Delete Allow Clipboard History Policy in Intune Step by Step Guide.
Need Further Assistance or Have Technical Questions?
Join the LinkedIn Page and Telegram group to get the step-by-step guides and news updates. Join our Meetup Page to participate in User group meetings. Also, Join the WhatsApp Community to get the latest news on Microsoft Technologies. We are there on Reddit as well.
Author
Anoop C Nair has been Microsoft MVP for 10 consecutive years from 2015 onwards. He is a Workplace Solution Architect with more than 22+ years of experience in Workplace technologies. He is a Blogger, Speaker, and Local User Group Community leader. His primary focus is on Device Management technologies like SCCM and Intune. He writes about technologies like Intune, SCCM, Windows, Cloud PC, Windows, Entra, Microsoft Security, Career, etc.