Implementing Mobile SSO authentication for Workspace ONE UEM-managed iOS 9 or later devices requires the following configuration steps.
Download the issuer certificate to configure Mobile SSO for iOS
If you are using Active Directory Certificate Services, configure a certificate authority template for Kerberos certificate distribution in the Active Directory Certificate Services. Then configure Workspace ONE UEM to use Active Directory Certificate Authority. Add the Certificate template in the Workspace ONE UEM console. Download the issuer certificate to configure Mobile SSO for iOS.
If you are using Workspace ONE UEM Certificate Authority, enable Certificates in the VMware Identity Manager Integrations page. Download the issuer certificate to configure Mobile SSO for iOS.
Establish the Key Distribution Center (KDC) to use.
Configure the iOS device profile and enable single sign-in from the Workspace ONE UEM console.
Configure the Mobile SSO (iOS) authentication method
Configure the built-in identity provider and associate the Mobile SSO for iOS authentication in the VMware Identity Manager console.