Windows hello for business for Hybrid Entra Join

Environment:

-No UPN matching between onprem AD and Azure, Third party federation and User provisioning .

-Hybrid Entra Joined devices

-Enrolled to Intune using device credentials as SCCM is setup with co management (Cloud Attach).

Question:

Whether setting up Windows hello for business (Which was working before enrollment) using GPO / or Intune. An error is returned.

Pin:

"this sign in option is only available when connected to your organization's network"

"Fingerprint and Face"

"The option is currently unavailable"

Multiple methods to setup WFH was attempted and none worked so far.

-Devices -> Win 10 -> Enrollment -> "Configure Windows hello for business"

-Using Custom settings as described here(CSP or GPO):

https://learn.microsoft.com/en-us/windows/security/identity-protection/hello-for-business/configure

-Biometrics devices updated/ Windows updates installed/ All devices and users affected in the organization.

-What could be the issue? Any best effort to get the windows hello for business working again?