Configure Extensible Single Sign-On Profile

The Extensible Single Sign-On profile enables administrators to set up an app extension that achieves single sign-on functionality on enrolled devices.

note

This profile is supported on iOS 13 or higher devices.

To configure an app extension that performs Single Sign-On on enrolled devices, follow these steps:

On the SureMDM Web Console, navigate to Profile > iOS/iPadOS > Add > Extensible Single Sign-On > Configure.
Enter a Profile Name.
Configure single sign-on settings and click Save.

Settings	Description
Extension Identifier	Enter the bundle Id of the app extension that performs single sign-on for the specified URLs.
Single Sign-On Type	Select the single sign-on type: - Credential Two options will be displayed: Realm - Enter the Realm name for the credential payload. Host - Enter the array of hostnames or domain names that are authenticated using app extensions. - Redirect The following option will be displayed: URLs - Enter the array of URL prefixes of identity providers

Settings

Description

Extension Identifier

Enter the bundle Id of the app extension that performs single sign-on for the specified URLs.

Single Sign-On Type

Select the single sign-on type:

- Credential

Two options will be displayed:

Realm - Enter the Realm name for the credential payload.

Host - Enter the array of hostnames or domain names that are authenticated using app extensions.

- Redirect

The following option will be displayed:

URLs - Enter the array of URL prefixes of identity providers

The newly created profile will be listed in the Profiles section.

Go back to the Home tab and select the iOS/iPadOS device(s) or group(s).
Click Apply to launch the Apply Job/Profile To Device prompt.
Select the profile under All Jobs/Profiles.
Click Apply in the Apply/Profile To Device prompt.