Configuring conditional access support for iOS applications

Apple iOS applications that use Safari for authentication do not provide sufficient device-specific information to accurately identify the device. Specifically, the Device Identifier is missing, which means Microsoft cannot identify the device or mark it as Enrolled. To mitigate this issue, configure Single Sign-On (SSO) so that the authentication requests are redirected from Safari to the Microsoft Authenticator app.

Procedure

  1. From the IBM® MaaS360® Portal home page, select Security > Policies.
  2. Open the iOS MDM Policy and go to Advanced Settings > Extensible Single Sign On.
  3. Enter the following values.
  4. Click Save and Publish.