Seeking Guidance for Implementing Platform SSO

Hello everyone,

I'm currently in the process of implementing platform SSO (Single Sign-On) in macOS and could use some guidance. I find myself a bit confused during the device registration phase, particularly because my Identity Provider (IdP) needs to support it. I'm wondering if Platform SSO will handle this automatically or if there are specific steps I need to take.

Additionally, I'm unsure whether I need to share the device signing and encryption key in my identity. Could someone please clarify this for me?

Finally, I would greatly appreciate it if someone could provide me with some sample code or starting pointers to help me get started on the right track. More specifically, apart from the OpenID and SAML protocols, what else does the IdP need to change to support Platform SSO?

Thank you in advance for your assistance!

Replies

Are you working for this identity provider?

Or are you trying to build a Platform SSO app for some other identity provider?

This matters because, in the first case, you express that relationship using an associated domain. If you can’t do that, there’s really no path forward.

Share and Enjoy

Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"