Environment: Microsoft Office 365 federated with Okta, Device Trust with Intune for Azure Domain-joined devices.
The error below is returned whenever the user is attempting to use the "I forgot my PIN" link from the laptop login screen. Error displayed:
We can't open that page right now
For security reasons, you'll need to visit the page from a browser or a different device. If you think you've reached this page because of an error, tell your organization's IT support you can't access https://<SUBDOMAIN>.okta.com/app/office365/exkc5n09hn0N7v2OH696/sso/wsfed/passive.
- Intune Device Management
- Azure Domain Joined Devices
- Windows PIN
- Microsoft Office 365 (O365)
For Azure Government, there is a known issue with PIN reset on Azure AD-joined devices failing. When the user attempts to launch PIN reset, the PIN reset UI shows an error page that says:
We can't open that page right now.
The "Configure Web Sign In Allowed Urls" policy can be used to work around this issue. If experiencing this problem using the Azure US Government cloud, set login.microsoftonline.us as the value for the "Configure Web Sign In Allowed Urls" policy.
Microsoft documentation provides a step-by-step guide on how to resolve this issue: Configure allowed URLs for federated identity providers on Microsoft Entra joined devices.
That is the Configure Web Sign In Allowed Urls set to subdomain.okta.com
For further assistance, please reach out to Microsoft Support.
