For iOS device authentication, you integrate the service with Kerberos. Kerberos authentication provides users, who are successfully signed in to their domain, access to their application portal without additional credential prompts. The iOS device authentication method uses a Key Distribution Center (KDC) without the use of a connector or a third-party system.

Workspace ONE Access Cloud tenants do not need to manage or configure the KDC.

For on premises deployments, two KDC service options are available.

  • Built-in KDC. The built-in KDC requires initializing KDC on the appliance and creating public DNS entries to allow the Kerberos clients to find the KDC. For more information about enabling the built-in KDC, see the Workspace ONE Access Administration guide.
  • KDC as a Workspace ONE Access cloud hosted service. Using KDC in the cloud requires selecting the appropriate realm name in the iOS authentication adapter page.