Device Management Profile

ExtensibleSingleSignOnSSO

The payload for configuring an app extension that performs single sign-on.

Properties

A dictionary of arbitrary data passed through to the app extension.

ExtensionIdentifier
string
(Required)

The bundle identifier of the app extension that performs single sign on (SSO) for the specified URLs.

Hosts
[string]

An array of host names or domain names which can be authenticated through the app extension.

Required for Credential-type payloads. Ignored for Redirect-type payloads.

Host or domain names are matched case-insensitively, and all the host/domain names of all installed Extensible SSO payloads must be unique.

Realm
string

The realm name for Credential-type payloads. This value should be properly capitalized.

This key is ignored for Redirect-type payloads.

TeamIdentifier
string

The team identifier of the app extension.

This key is required on macOS and ignored elsewhere.

Type
string
(Required)

The type of SSO.

URLs
[string]

An array of URL prefixes of identity providers where the app extension performs SSO.

Required for Redirect-type payloads. Ignored for Credential-type payloads.

The URLs must begin with http:// or https://, the scheme and host name are matched case-insensitively, query parameters and URL fragments are not allowed, and the URLs of all installed Extensible SSO payloads must be unique.

Discussion

Specify com.apple.extensiblesso as the payload type.

Profile Availability

Device Channel

iOS, macOS, Shared iPad

User Channel

-

Allow Manual Install

-

Requires Supervision

-

Requires User Approved MDM

macOS

Allowed in User Enrollment

iOS, macOS

Allow Multiple Payloads

iOS, macOS, Shared iPad

See Also

Authentication

object DirectoryService

The payload for configuring an Active Directory (AD) domain. 

object Identification

The payload for configuring the names of the account user. 

object IdentityPreference

The payload for configuring the user's identity on the device.

object SingleSignOnSSO

The payload for configuring single sign-on.

Beta Software

This documentation contains preliminary information about an API or technology in development. This information is subject to change, and software implemented according to this documentation should be tested with final operating system software.

Learn more about using Apple's beta software