Enforce Face ID or Touch ID for Microsoft Outlook using Hexnode app configurationSolved

Hexnode does not currently provide a dedicated restriction or policy checkbox to force Face ID or Touch ID specifically for Microsoft Outlook. For Outlook, this behavior depends on Microsoft’s supported app configuration keys. Hexnode can deploy app configuration payloads to the device, but Outlook itself decides whether the received key-value pairs are valid and whether the setting is applied. There are two possible approaches:

1. Manual configuration by the user Users can open Outlook and enable the biometric lock from Outlook settings, usually under Settings > Preferences > Require Face ID / Touch ID.
2. Managed app configuration If Microsoft supports enforcing this setting through app configuration, you can deploy the required XML or key-value configuration through Hexnode under the Outlook app configuration settings. If Hexnode shows the configuration payload as successfully deployed but Outlook does not apply the setting, the issue is likely with the Outlook app configuration schema, key name, value format, or Microsoft’s support for that setting—not with the Hexnode delivery mechanism.

I tested this on a single device and tried using a biometric-related Outlook app configuration key, but nothing changed inside Outlook. I also tried both singular and plural versions of the key name, and neither worked. So I’m guessing the XML format or Microsoft’s expected key is the problem.

That is the right way to narrow it down. Testing with one device first is recommended for app configuration payloads, especially with third-party apps.

The important distinction is:

• Hexnode can confirm whether the app configuration payload was delivered to the device.
• Hexnode cannot validate whether a third-party app such as Outlook accepts a specific XML structure, key name, or value.

  If the payload deployment status in Hexnode is successful, but Outlook does not enable Face ID or Touch ID, the next step is to verify the exact configuration key and supported value from Microsoft’s official Outlook app configuration documentation. Microsoft may change supported keys or may not support enforcing that particular in-app biometric setting through MDM app configuration in the expected way.

So the practical answer is that Hexnode can push the Outlook app configuration, but it can’t guarantee that Outlook will honor a Face ID/Touch ID key unless Microsoft documents and supports it. For now, users can still enable the option manually inside Outlook, but enforcing it depends on Microsoft’s app configuration support.