Single Sign-on (macOS)
Use the Single Sign On (SSO) profile configuration for app extensions that perform
SSO for compatible macOS devices.
Note: Requires macOS 13.0 or
later.
Do this when:Extensible SSO Details
| App Extension Bundle Identifier | Enter the bundle identifier of the app extension that performs single sign-on for the specified URLs. |
| Team Identifier |
Specify the team identifier of the app extension that performs single sign on (SSO) for your specified URLs. |
| SSO Type | Select a single sign-on type. Choose between Redirect and Credential. |
| Realm | [Appears when selecting Credential as the SSO type] Use this field to enter the required associated Kerberos Realm. |
| Add Host Names | [Appears when selecting Credential as the SSO type] Select the button to add host or domain names to authenticate through the app extension. |
| Add URL Prefix | [Appears when selecting Redirect as the SSO type] Select the button to add URL prefixes of identity providers where the app extension performs single sign-on. |
| Extension Data | Use this field to add data you want to pass through to the app
extension as a plist-formatted dictionary. The data must begin and
end with <dict> tags. |
Platform SSO Details
| Enable platform SSO | When enabled, you can extend platform SSO capabilities to the
login window. This feature gathers details for LDAP or Smart card
Authentication. Restriction:
|
| Account display name | [Appears when toggling on Enable platform SSO] Enter an account name. Notifications and authentication request displays the entered account name. |
| Authentication method |
[Appears when toggling on Enable platform
SSO] Select the sign in method to use within
platform SSO. Choose from:
Note: The SSO Extension must support this
authentication type.
|