Skip Navigation

Setting up single sign-on authentication for devices

You can enable
iOS
devices to authenticate automatically with domains and web services in your organization’s network. After you assign a single sign-on profile or sign-on extension profile, the user is prompted for a username and password the first time they try to access a secure domain that you specified. The login information is saved on the user’s device and used automatically when the user tries to access any of the secure domains specified in the profile. When the user changes the password, the user is prompted the next time they try to access a secure domain.
For devices running
iOS
or
iPadOS
13 and later, you use a single sign-on extension profile to enable the devices to authenticate automatically with domains and web services in your organization's network. Devices running a version of
iOS
earlier than 13 used single sign-on profiles.
  • Kerberos
  • NTLM
  • SCEP certificates for specified trusted domains
BlackBerry Dynamics
apps also support
Kerberos
authentication. For more information, see Configuring
Kerberos
for
BlackBerry Dynamics
apps
.