Apply single sign-on (SSO) to AirWatch applications, wrapped applications, and SDK-enabled applications. This option allows users to enter a single SSO passcode to access supported resources without having to enter login credentials in each application.

Using either the AirWatch Agent or the AirWatch Container as a "broker application", end users can authenticate once using either their normal credentials or an SSO passcode. They gain access to other applications so long as the SSO session is active. See SSO Session and the AirWatch Agent for information.

For information about SSO for Apple iOS 7+ using Kerberos authentication, refer to the VMware AirWatch Apple iOS Platform Guide, available on AirWatch Resources.

See Supported Settings and Policies Options By Component and AirWatch App to find out if your application supports using these settings. Find the matrices in the AirWatch Mobile Application Management Guide.

  1. Navigate to Groups & Settings > All Settings > Apps > Settings and Policies > Security Policies.
  2. Set Single Sign On to Enabled to give end-users access to all AirWatch applications and to maintain a persistent login.
  3. Optionally, set Authentication Type to Passcode and set the Passcode Mode to either Numeric or Alphanumericto require an SSO Passcode on the device.

    If you enable SSO but do not enable an Authentication Type, the system does not prompt end users with any recurring authentication. An exception to this behavior occurs when end users must authenticate during an initial installation of the application. They use their normal credentials to authenticate in this instance.

    Wrapped applications must have a passcode, either numeric or alphanumeric. Without this passcode, wrapped applications do not display true SSO functionality.

For more topics about the SDK and mobile application management, see MAM Functionality With SDK Functions.

For information about developer SSO configurations and authentication behavior, see SSO Configurations and System Login Behavior.