3/5/2023 0 Comments Jamf pro sso azure![]() The following eight steps walk through the steps to configure the Microsoft Enterprise SSO plug-in. That platform difference will make sure that the correct configuration is applied to the correct app. ![]() The configuration for iOS/iPadOS and macOS devices is identical. Once the configuration options and requirements are clear, it’s time to look at the configuration of the Microsoft Enterprise SSO plug-in. This key and value restricts ability of both native and web applications to force an end-user prompt on the protocol layer and bypass SSO.Ĭonfiguring the Microsoft Enterprise SSO plug-in This key and value enables non-MSAL apps and Safari browser to do the initial bootstrapping and get a shared credential. Those settings are described in the table below and are recommended. In addition to the default behavior, there are additional configuration options available to extend the SSO functionality to additional apps. Note: Make sure to use the latest version of the Microsoft Authenticator app (iOS/iPadOS) and the latest version of the Company Portal app (macOS). That session is then used across the different supported apps, on their Apple device, without requiring users to authenticate again. Once the correct app is installed and the SSO app extension is configured, users can enter their credentials to sign in, and establish a session on their Apple device. That configuration can only be applied when the device is managed. This all means that, to use the SSO app extension, an administrator should make sure that the correct app is installed and that the correct configuration is applied. ![]() Those devices were configured by using the configuration steps provided in this post. Note: The information in the table above is taken from a configured iPadOS device ( Settings > General > Device Management > Management Profile > More Details > Authenticator) and a configured macOS device ( System Preferences > Profiles > Extensible Single Sign On Profile – ). The redirect SSO app extension configuration, for iOS/iPadOS and macOS devices, is provided in the table below. Configuring the SSO app extension will enable the SSO plug-in. The SSO plug-in is provided on iOS/iPadOS devices as an extension of the Microsoft Authenticator app and the SSO plug-in is provided on macOS devices as an extension of the Company Portal app. In those cases, the SSO plug-in acts as an advanced authentication broker. That includes accessing websites via supported browsers. That plug-in provides SSO for Azure AD accounts across all apps that support the enterprise SSO feature of Apple and that authenticate via Azure AD. The Microsoft Enterprise SSO plug-in, is a redirect-type SSO app extension. Let’s start by having a look at the configuration options for the Microsoft Enterprise SSO plug-in. Configuration options for the Microsoft Enterprise SSO plug-in Important: Keep in mind that, at the moment of writing, this is still preview functionality. I’ll end this post by having a look at the end-user experience. In this post I’ll start with having a look at the configuration options, followed with the configuration steps. The extensions can be enabled by using Microsoft Intune. The plug-in is provided on iOS/iPadOS devices as an extension of the Microsoft Authenticator app and the plug-in is provided on macOS devices as an extension of the Company Portal app. That plug-in provides single sign-on (SSO) for Azure AD accounts across all apps that support the enterprise SSO feature of Apple. This week is all about the Microsoft Enterprise SSO plug-in for Apple devices.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |