Apple @ Work: Apple’s willingness to integrate with IdP providers shows its focus on enterprise expansion – 9to5Mac | Hot Mobile Press

Apple@Work is brought to you by Kolide, endpoint security for teams with Slack. Kolide notifies your team via Slack when their devices are insecure and gives them step-by-step instructions on how to resolve the issue. Meet your compliance goals with the most powerful, untapped resource in IT: end users. Try Kolide for free today.

One thing that has become perfectly clear from Apple’s enterprise integrations over the last few years is that Active Directory binding is dead and integration with identity providers is the future. While I would never have predicted this a decade ago, Apple’s willingness to build APIs for other companies to manage the Mac login experience shows that the company understands its role in the enterprise. This week I want to take a look at why Apple’s enterprise expansion will continue to mature as it focuses on deep integration with other platforms.

About Apple@Work: Bradley Chambers managed an enterprise IT network from 2009 to 2021. With experience deploying and managing firewalls, switches, a mobile device management system, enterprise-grade Wi-Fi, hundreds of Macs and hundreds of iPads, Bradley will show ways in which Apple IT managers deploy Apple devices, build networks to support them, and train users, along with stories from the trenches of IT management and ways Apple could improve its products for IT departments.


If an IT admin had to describe the ideal macOS sign-in experience for their end users, it would look like this:

  • Turn on Mac
  • Sign in to macOS with the company IdP
  • All web apps and local apps are signed in via IdP

Until now, we have only come close to this integration. First, you could integrate some systems with the macOS login experience to avoid relying only on local accounts. Then SSO providers like Okta streamlined the process of logging into apps. Finally, with macOS Catalina and iOS 13, Apple introduced its single sign-on extensions, which let users authenticate to apps and services using the credentials set up with their IdP. Even with the SSO extension, users had to sign in twice: once to unlock the Mac and once for apps. IdPs were also hesitant to update this extension. However, Apple’s enterprise expansion is focused on much deeper integration.

Platform Single Sign-On: A True SSO Reality

At WWDC 2022, Apple doubled down on streamlining the SSO experience on macOS. In its “What’s new in Apple device management” session, Apple talked about Platform Single Sign-On. In macOS 13 Ventura, Platform Single Sign-On allows end users to sign in once at the macOS login window and then be signed in to apps and websites that are compatible with the corporate identity provider. An example would be logging into macOS with Okta at the login window and being automatically logged into Slack and a Jira instance using the same IdP. Apple said Platform SSO is the modern replacement for Active Directory binding (good riddance).

Apple Enterprise Expansion focuses on deep IdP integration

Apple’s willingness to cede this experience to a third party shows that Apple’s enterprise expansion puts integration at the forefront instead of building everything itself. I spoke to someone yesterday about buying “all-in-one” solutions versus buying top-of-the-line solutions and then doing the integration. His comment to me was that best-in-class solutions now have deep APIs and integrations out of the box. Companies now understand that their customers have many systems and that those systems need to talk to each other. Apple’s focus on expanding its SSO APIs and integrations shows that it wants to be a company that IT admins love to deploy, work with, and advocate for. The easier it is to integrate macOS with companies’ software and IdP solutions, the more Macs it can sell.
