Among a slew of announcements at WWDC this year were some important changes to Apple’s support for single sign-on (SSO). Here’s what’s coming when new updates ship this fall.
SSO + BYOD = iOS 16, iPadOS 16
Apple first introduced SSO support at WWDC 2019 with Sign in with Apple, which also saw the introduction of extensions to enable this kind of authentication. It allowed a user to access a service or website using their Apple ID, and meant support for identity providers, the use of highly secure token-based signatures and the tools service providers required to implement these systems.
That was v.1, and Apple has continued to improve its offerings since then. All the same, the reality is that because apps and services must be equipped to accept SSO, it’s sometimes necessary to use third-party authentication services such as Okta and others, or simply manual sign in to access some sites.
Apple at WWDC 2022 updated SSO with two critical enhancements:
- SSO support for user enrollment for iOS 16 and iPadOS 16.
- Platform SSO support to macOS Ventura.
What’s new in SSO support for user enrollment
What’s changed is that when enrolling an iOS device, users can now download a mobile app from their identity provider (IdP) to enable use of SSO on that device. The system also requires a Managed Apple ID set up using Apple Business or School Manager and use of an MDM (Mobile Device Management) system of some kind, such as Apple Business Essentials, Jamf, or Kandji, to name but three.
Apple also made it possible to use Apple Configurator for iPhone to add Macs, iPads, and iPhones to Apple Business or School Manager starting this fall. The company has also made it much easier to enroll personal devices to MDM.
The lightest explanation of how Apple’s system works is that once enrollment is complete, the IdP app remains active on the device to mediate app and service authentications. For an end user, the experience is that once they sign into their iPhone/iPad, they should not need to authenticate use of other supported apps and services.
What is Platform SSO support for Macs?
For Macs, the addition of Platform SSO support means users will be signed into all the…