Skip to main content

Shared Device Mode (SDM) – iOS/iPadOS

Shared Device Mode (SDM) enables multiple users to securely access and use the same iOS or iPadOS device while maintaining individualized configurations and policies. This feature is useful in shared environments such as frontline workspaces, healthcare facilities, retail stores, or educational institutions where devices are commonly shared across users.

How Shared Device Mode Works

The behavior of Shared Device Mode depends on whether Single Sign-On (SSO) is enabled. With SSO configured, users benefit from a unified authentication experience across supported apps, whereas without SSO, separate authentication may be required for each app, leading to a different login flow.

With Single Sign-On (SSO) enabled

When Shared Device Mode is enabled with SSO configuration:

  • The authentication flow is presented through the configured Identity Provider (IdP) (for example, Microsoft Entra ID using the Authenticator app) to provide a secure and seamless login experience.

  • Upon successful authentication, SSO is established, allowing the user to access supported apps without repeated sign-ins.

  • The device exits Single App Mode and user-specific profiles are dynamically applied based on configured profile mapping rules.

  • During the session, the user stays signed in and can access apps without needing to log in again.

  • When the user logs out, the session is terminated and the device reverts to the default or configured logout profile, preparing it for the next user.

With Single Sign On (SSO) disabled

When Shared Device Mode is enabled without SSO configuration:

  • The device is placed in Single App Mode with the SureMDM Agent displaying a login screen.

  • Users authenticate using the configured Identity Provider (IdP).

  • Once authenticated, device profiles are dynamically assigned based on configured profile mapping rules.

  • When the user logs out, the device reverts to the default or configured logout profile, preparing it for the next user.

Shared Device Mode ensures secure user access while allowing administrators to control device behavior based on the logged-in user.

Key capabilities include:

  • Centralized configuration through Account Settings
  • Secure user authentication using SAML
  • Dynamic profile assignment based on user or device properties
  • Device lockdown using Single App Mode during login