You configure the Mobile SSO for iOS authentication method from the Auth Methods page in the administration console. Associate the Mobile SSO authentication method to the built-in identity provider.

For iOS device, you integrate the service with Kerberos. Kerberos authentication provides users, who are successfully signed in to their domain, access to their application portal without additional credential prompts.

VMware Identity Manager uses an identity provider that is built in to the identity manager service to provide access to Mobile SSO authentication. This authentication method for iOS devices uses a Key Distribution Center (KDC) without the use of a connector or a third-party system.

In the VMware Identity Manager service, Kerberos can be integrated in one of two ways.

  • KDC as a VMware Identity Manager cloud hosted service. Using KDC in the cloud requires selecting the appropriate realm name in the iOS authentication adapter page.

    Note:

    The KDC service hosted in the cloud is the only option when VMware Identity Manager is deployed with AirWatch in a Windows environment.

  • Built-in KDC on the appliance. The built-in KDC requires initializing KDC on the appliance and creating public DNS entries to allow the Kerberos clients to find the KDC.