With Intune Integration (Legacy) setup - the consensus seems to be to enable JamfAAD to use WKWebView for the best performance. I've pushed that option via profile, and it works well through the first part of the Azure registration. The problem is, using WKWebView we never get to that Jamf Native macOS Connector window...so it seems to finish with no errors, but the computer never actually gets registered. Every time you try to access a resource targeted by conditional access, it takes you back to the message that this device needs to be set up for access.
If I turn the WKWebView option off and set the default browser to Safari, it works (including the Jamf Native macOS Connector prompt). Hoping I'm missing something easy and obvious.