Multiple authentication methods can be applied to devices for single sign-on. You can configure a single authentication method and you can set up chained, two factor authentication.

Authentication methods are configured in the built-in identity provider in the Workspace ONE Access console.

When mobile single sign-on is configured, the following authentication methods can be enabled.

  • Mobile SSO (for iOS). Kerberos-based adapter for iOS Devices.
  • Mobile SSO (for Android). Specially tailored implementation of certificate authentication for Android.
  • Certificate (Cloud Deployment). Certificate authentication service aimed at Web browsers and desktop devices.
  • Password. Allows for authentication of directory passwords with a single connector when Workspace ONE Access and Workspace ONE UEM are integrated.
  • Device Compliance (with Workspace ONE UEM). Measures the health of managed devices resulting in a pass or fail based on Workspace ONE UEM defined criteria. Compliance can be chained with any other built-in adapter except password.

See Managing Authentication Methods in the Built-in Identity Providers.

After an authentication method is configured, you create access policy rules that specify the authentication methods to be used by device type.