Auto Deploy Progressive Web Applications (PWA) using Intune or PowerShell
Table of Contents
Objective
In this article I will walk you through installing progressive web app’s, or PWA’s to endpoint machines using either PowerShell or Microsoft Intune. You may want to do this for users with frontline licenses that grant them web apps but not full desktop application’s.
What are Progressive Web Applications?
Progressive Web Apps (PWAs) are web applications that use modern web technologies to deliver an app-like experience to users, but without requiring them to install a traditional app from an app store. Think of them as a blend between websites and mobile/desktop apps.
Resolution
Below, I will walk you through installing PWA’s on end user machines silently, without user interaction.
Intune
The intune configuration policy follows the WebAppInstallForceList. You can currently define default_launch_container, create_desktop_shortcut, fallback_app_name, custom_name, custom_icon and install_as_shortcut. The site goes into detail what each setting configures.
Note: Currently there are no settings to Pin to taskbar or to Pin to start. Users will be presented with a dialog box when they first launch the PWA asking if they would like to do either action.
- Go to the Intune admin center
- In the left pane, click Devices
- Select Windows
- Click configuration
- Click “+ Create” and select New Policy
- For Platform, select Windows 10 and later and for Profile Type select Settings Catalog.
- Give you policy a descriptive name. I gave mine “Edge – Install PWA – Office Apps” as this policy will install the office suite of apps (Teams, Outlook, PowerPoint, Word and Excel) in Microsoft Edge. The click Next
- In the Configuration Settings, click “+ Add Settings”. In the Settings picker lookup “WebAppInstallForceList”
- Since my policy is targeting Microsoft Edge, I will select Microsoft Edge and then select the first setting which will configure it on the device.
- Back in the Configuration Settings, toggle the “Configure list of force-installed Web Apps”
- In the “URLs for Web Apps to be silently installed” we are going to enter a
jsonstring that will contain multiple PWA’s and settings likeURL,default_launch_containerandcreate_desktop_shortcut.
[
{
"custom_name": "Outlook",
"create_desktop_shortcut": true,
"default_launch_container": "window",
"url": "https://outlook.office365.com/mail/"
},
{
"custom_name": "Excel",
"create_desktop_shortcut": true,
"default_launch_container": "window",
"url": "https://excel.cloud.microsoft/"
},
{
"custom_name": "PowerPoint",
"create_desktop_shortcut": true,
"default_launch_container": "window",
"url": "https://powerpoint.cloud.microsoft/"
},
{
"custom_name": "Microsoft Teams",
"create_desktop_shortcut": true,
"default_launch_container": "window",
"url": "https://teams.cloud.microsoft/"
},
{
"custom_name": "Word",
"create_desktop_shortcut": true,
"default_launch_container": "window",
"url": "https://word.cloud.microsoft/"
}
]- Once finished, click Next
- In the Assignments tab, I am going to deploy to all devices then click Next.
- In the Review + Create tab, review your configuration and then click Create.
- Going to my Intune managed device, I can now see the applications are on my desktop and if I go to Edge, to
edge://appsI can see they are all installed.
PowerShell
The PowerShell method revolves around deploying a script to your endpoints. There are some things to know with this method.
- PowerShell, at the time of this writing, cannot install PWA’s within a browser like we can with Intune.
- Users will be able to delete the shortcuts
- If a web app supports the PWA being used while offline, this method will not
- In my testing, the office suite of apps do not support offline capabilities.
To your end users, they wont be able to tell the difference that this is a true PWA or not. A PWA launches in Microsoft Edge using the -app flag which launches Edge in app mode, which is stripped down version of Edge to try to replicate a traditional app. The sites will all be the same that the PWA loads.
Take a look at the screenshot below, the left is a PWA installed in Edge. The right is our ‘PWA’. There is virtually no difference to the end user. The icons on the desktop will be the same as the PWA as well.
- Copy the PowerShell script from my GitHub
- Deploy it using whatever tool you have available.
- If you want to have the script grab the users default browser and set the PWA to open in the default browser you’d change the bottom to be the following:
$progId = (Get-ItemProperty "HKCU:\Software\Microsoft\Windows\Shell\Associations\UrlAssociations\http\UserChoice").ProgId
$command = [Microsoft.Win32.Registry]::ClassesRoot.OpenSubKey("$progId\shell\open\command").GetValue("")
if ($command -match '"([^"]*)"') {
$DefaultBrowserPath = $matches[1]
}
# Example usage
$props = @{
'ShortcutPath' = Join-Path -Path ([Environment]::GetFolderPath("CommonDesktopDirectory")) -ChildPath 'Word.lnk'
'TargetPath' = $DefaultBrowserPath
'Arguments' = '-profile-directory=Default -app=https://word.cloud.microsoft/'
'IconName' = "word.ico"
'IconURL' = "https://sapwaicons.blob.core.windows.net/icons/word.ico"
'IconPath' = "C:\Temp"
}Note: If you run the script as SYSTEM then it will be unable to find the default browser. You would need to hardcode the browser path which the Install_OfficeSuite_PWA.ps1 file does.
- I also have provided script to deploy single applications which can be found here
We can now see that Edge has no apps installed, but I have the shortcuts still and the app launches in the same app mode.
How does this work?
- The PowerShell script will create a shortcut to each app and point it to the URL. This is the same URL that the PWA uses.
- The target path for the shortcut will be set to Edge (or your default browser depending on the script you use)
- The arguments will include
-appwhich runs the instance in app mode (same as PWA) and also-profile-directory=default(same as PWA) - The Icons are stored in an Azure storage table (https://sapwaicons.blob.core.windows.net/icons/) but you can always point it to your own Icon database. The icons are stored locally in
C:\Tempwhich the script will make if it is not already present.
My name is Bradley Wyatt; I am a 5x Microsoft Most Valuable Professional (MVP) in Microsoft Azure and Microsoft 365. I have given talks at many different conferences, user groups, and companies throughout the United States, ranging from PowerShell to DevOps Security best practices, and I am the 2022 North American Outstanding Contribution to the Microsoft Community winner.