There are a few things hereto consider for your use case.
If you're looking to utilise compliance the device would need to be under management to be able to check this. In this case, the device will also have the Intelligent Hub installed.
You could also leverage conditional access policies in Workspace One Access to provide different authentication methods into Web Based applications based om device compliance status. This would also work across other browsers if needed.
This link may help further with conditional access - https://techzone.vmware.com/securing-saas-applications-conditional-access