Multiple authentication methods can be applied to devices for single sign-on. You can configure a single authentication method and you can set up chained, two factor authentication.
Authentication methods are configured in the built-in identity provider in the Workspace ONE Access console.
When mobile single sign-on is configured, the following authentication methods can be enabled.
- Mobile SSO (for iOS). Kerberos-based adapter for iOS Devices.
- Mobile SSO (for Android). Specially tailored implementation of certificate authentication for Android.
- Certificate (Cloud Deployment). Certificate authentication service aimed at Web browsers and desktop devices.
- Password. Allows for authentication of directory passwords with a single connector when Workspace ONE Access and Workspace ONE UEM are integrated.
- Device Compliance (with Workspace ONE UEM). Measures the health of managed devices resulting in a pass or fail based on Workspace ONE UEM defined criteria. Compliance can be chained with any other built-in adapter except password.
After an authentication method is configured, you create access policy rules that specify the authentication methods to be used by device type.