Setting up single sign-on authentication for devices
Using a single sign-on profile, you can enable
BlackBerry 10
devices and certain iOS
devices to authenticate automatically with domains and web services in your organization’s network. After you assign a single sign-on profile, the user is prompted for a username and password the first time they try to access a secure domain that you specified. The login information is saved on the user’s device and used automatically when the user tries to access any of the secure domains specified in the profile. When the user changes the password, the user is prompted the next time they try to access a secure domain.For devices running
iOS
(or iPadOS) 13 or later, you must use a single sign-on extension profile to enable the devices to authenticate automatically with domains and web services in your organization's network. You can also use a single sign-on profile to specify trusted domains for certificates that you send to
BlackBerry 10
devices using a SCEP profile. Once you specify trusted domains, BlackBerry 10
users can select the required certificates when they access a trusted domain.Single sign-on profiles support the following authentication types:
Authentication type |
Device OS |
Applies to |
|---|---|---|
|
iOS |
|
BlackBerry 10 |
|
|
|
BlackBerry 10 |
|
BlackBerry
Dynamics
apps also support Kerberos
authentication. For more information, see Configuring Kerberos
for BlackBerry
Dynamics
apps.