From ccde442de86f2bd782505f8bfdf9c6a13c5466fc Mon Sep 17 00:00:00 2001
From: VLG17 <41186174+VLG17@users.noreply.github.com>
Date: Mon, 19 Aug 2019 10:23:04 +0300
Subject: [PATCH] add note about CSP

https://github.com/MicrosoftDocs/windows-itpro-docs/issues/4529
---
 .../mdm/federated-authentication-device-enrollment.md          | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/windows/client-management/mdm/federated-authentication-device-enrollment.md b/windows/client-management/mdm/federated-authentication-device-enrollment.md
index dff91fd372..1a6424530a 100644
--- a/windows/client-management/mdm/federated-authentication-device-enrollment.md
+++ b/windows/client-management/mdm/federated-authentication-device-enrollment.md
@@ -167,6 +167,9 @@ AuthenticationServiceUrl?appru=<appid>&amp;login_hint=<User Principal Name>
 
 After authentication is complete, the auth server should return an HTML form document with a POST method action of appid identified in the query string parameter.
 
+> [!NOTE]
+> To make an application compatible with strict CSP (Content Security Policy) it is usually necessary to make some changes to HTML templates and client-side code, add the policy header, and test that everything works properly once the policy is deployed.
+
 ```
 HTTP/1.1 200 OK 
 Content-Type: text/html; charset=UTF-8