Implementing Mobile SSO authentication for AirWatch-managed iOS 9 or later devices requires the following configuration steps.

  • Download the issuer certificate to configure Mobile SSO for iOS

    • If you are using Active Directory Certificate Services, configure a certificate authority template for Kerberos certificate distribution in the Active Directory Certificate Services. Then configure AirWatch to use Active Directory Certificate Authority. Add the Certificate template in the AirWatch admin console. Download the issuer certificate to configure Mobile SSO for iOS.

    • If you are using AirWatch Certificate Authority, enable Certificates in the VMware Identity Manager Integrations page. Download the issuer certificate to configure Mobile SSO for iOS.

  • Establish the Key Distribution Center (KDC) to use.

  • Configure the iOS device profile and enable single sign-in from the AirWatch admin console.

  • Configure the Mobile SSO (iOS) authentication method

  • Configure the built-in identity provider and associate the Mobile SSO for iOS authentication in the VMware Identity Manager administration console.