For iOS device, you integrate the service with Kerberos. Kerberos authentication provides users, who are successfully signed in to their domain, access to their application portal without additional credential prompts. This authentication method for iOS devices uses a Key Distribution Center (KDC) without the use of a connector or a third-party system.

VMware Identity Manager Cloud tenants do not need to manage or configure the KDC.

For on premises deployments, two KDC service options are available.

  • Built-in KDC. The built-in KDC requires initializing KDC on the appliance and creating public DNS entries to allow the Kerberos clients to find the KDC. For more information about enabling the built-in KDC, see the VMware Identity Manager Administration guide.

  • KDC as a VMware Identity Manager cloud hosted service. Using KDC in the cloud requires selecting the appropriate realm name in the iOS authentication adapter page.


When the VMware Identity Manager is installed and configured with AirWatch in a Windows environment, the iOS Mobile authentication method must be configured to use the VMware Identity Manager cloud hosted KDC service.