Setting up single sign-on authentication for devices
Using a single sign-on profile, you can enable
BlackBerry 10devices and certain
iOSdevices to authenticate automatically with domains and web services in your organization’s network. After you assign a single sign-on profile, the user is prompted for a username and password the first time they try to access a secure domain that you specified. The login information is saved on the user’s device and used automatically when the user tries to access any of the secure domains specified in the profile. When the user changes the password, the user is prompted the next time they try to access a secure domain.
For devices running
iOS(or iPadOS) 13 or later, you must use a single sign-on extension profile to enable the devices to authenticate automatically with domains and web services in your organization's network.
You can also use a single sign-on profile to specify trusted domains for certificates that you send to
BlackBerry 10devices using a SCEP profile. Once you specify trusted domains,
BlackBerry 10users can select the required certificates when they access a trusted domain.
Single sign-on profiles support the following authentication types:
BlackBerry Dynamicsapps also support
Kerberosauthentication. For more information, see Configuring