Apply single sign-on (SSO) to AirWatch applications, wrapped applications, and SDK-enabled applications. This option allows users to enter a single SSO passcode to access supported resources without having to enter login credentials in each application.

Using either the AirWatch Agent or the AirWatch Container as a "broker application", end users can authenticate once using either their normal credentials or an SSO passcode. They gain access to other applications so long as the SSO session is active. See SSO Session and the AirWatch Agent for information.

For information about SSO for Apple iOS 7+ using Kerberos authentication, refer to the VMware AirWatch Apple iOS Platform Guide, available on AirWatch Resources.

See Supported Settings and Policies Options By Component and AirWatch App to find out if your application supports using these settings. Find the matrices in the AirWatch Mobile Application Management Guide.

  1. Navigate to Groups & Settings > All Settings > Apps > Settings and Policies > Security Policies.
  2. Set Single Sign On to Enabled to give end-users access to all AirWatch applications and to maintain a persistent login.
  3. Optionally set Authentication Type to Passcode and set the Passcode Mode to either Numeric or Alphanumeric to require an SSO Passcode on the device. If you enable SSO but do not enable an Authentication Type, end users use their normal credentials (either directory service or AirWatch account) to authenticate. In this scenario, the SSO passcode does not exist.

    Wrapped applications must have a passcode, either numeric or alphanumeric. Without this passcode, wrapped applications do not display true SSO functionality.

For more topics about the SDK and mobile application management, see MAM Functionality With SDK Functions.