Home
Using the Console
This section provides information about using the SOTI MobiControl console to perform the various management tasks.
SOTI MobiControl Console Reference
Profiles
Apple Profiles
Profile Configurations
Single Sign-on (macOS)

Single Sign-on (macOS)

Use the Single Sign-on (SSO) profile configuration for app extensions that perform single sign-on for compatible macOS devices.

Note: Requires macOS 13.0 or later.

Do this when:

Table 1. Extensible SSO Details
App Extension Bundle Identifier	Enter the bundle identifier of the app extension that performs single sign-on for the specified URLs.
SSO Type	Select the single sign-on type: Redirect or Credential.
Realm	If Credential is the SSO type, use this field to enter the required associated Kerberos Realm.
Add URL Prefix	If Redirect is the SSO type, select the button to add URL prefixes of identity providers where the app extension performs single sign-on.
Add Host Names	If Credential is the SSO type, select the button to add host or domain names to authenticate through the app extension.
Extension Data	Use this field to add data you want to pass through to the app extension as a plist-formatted dictionary. The data must begin and end with `<dict>` tags.

Table 2. Platform SSO Details
Enable platform SSO	When enabled, you can extend platform SSO capabilities to the login window. This feature gathers details for LDAP or Smart card Authentication. Restriction: Requires macOS 14.0+ You can only create one Platform SSO per device. If you try to install more Platform SSO, the installation fails.
Account display name	You must Enable platform SSO to access this feature. Enter an account name. Notifications and authentication request displays the entered account name.
Authentication method	You must Enable platform SSO to access this feature. Select the sign in method to use within platform SSO. Choose from: Password Smart Card Note: The SSO Extension must support this authentication type.