The Mobile SSO for iOS authentication method is used for single sign-on authentication in Workspace ONE UEM-managed iOS devices. For iOS device authentication, Workspace ONE Access uses an identity provider that is built into the service to provide access to mobile SSO authentication. Mobile SSO (for iOS) authentication uses a Key Distribution Center (KDC) that is part of the Workspace ONE Access service.

For iOS mobile SSO authentication, makes use of a certificate that is deployed in a device profile to authenticate the user with Workspace ONE UEM. The iOS Mobile SSO certificate authentication relies on Kerberos to collect the certificate.

The following is configured for ]Mobile SSO for iOS authentication.

  • Download the issuer certificate to configure Mobile SSO for iOS.
    • If you are using Workspace ONE UEM Certificate Authority, in the Workspace ONE UEM console, enable Certificates in the Enterprise Integrations > Workspace ONE Access page. Download the issuer certificate to configure Mobile SSO for iOS.
    • If you are using Active Directory Certificate Services, configure a certificate authority template for Kerberos certificate distribution in the Active Directory Certificate Services. Then configure Workspace ONE UEM to use Active Directory Certificate Authority. Add the Certificate template in the Workspace ONE UEM console. Download the issuer certificate to configure Mobile SSO for iOS.
  • Establish the Key Distribution Center (KDC) to use in the Workspace ONE UEM console. Download the KDC certificate from the Workspace ONE Access console.
  • Configure the iOS device profile and enable single sign-in from the Workspace ONE UEM console.
  • Configure the Mobile SSO (iOS) authentication method.
  • Configure the built-in identity provider and associate the Mobile SSO for iOS authentication method in the Workspace ONE Access console.

In addition to configuring mobile SSO for iOS, you configure mobile device management for iOS devices in the Workspace ONE UEM console. See iOS Device Management documentation.

Supported Apple iOS Devices

iOS 9 or late is supported.