Microsoft Enterprise SSO Extension for Apple Devices

Microsoft Enterprise SSO Extension for Apple Devices

Since this is my first real post on this little blog, I figure I’ll keep it a short one. The last few years I’ve been working with the team building the Microsoft Enterprise SSO Extension, which I’m happy to report has just hit general availability, as of late April, 2023. I don’t do development at Microsoft, I work directly with customers - so my role for the last year has been to work with customers to deploy the preview version of the SSO extension, learn about customer pain points with identity on macOS, and help our feature teams and developers fix the issues that must be addressed before we could declare General Availability. Tons of customers I’ve talked to have deployed, and they’ve helped us reach GA. The feature team and developers have ton a fantastic job finishing the work, and now its my turn to get customers deploying all over again!

Microsoft Entra features go through a private preview -> public preview -> general availability lifecycle, if you aren’t familiar with how the product development for Microsoft identity features works. Public preview features are fully supported by Microsoft support, but many customers choose to wait until General Availability before using features. The Microsoft Enterprise SSO Extension spent 3 years in public preview, with a few customers deploying and reporting bugs, but not enough. The long preview threatened to leave many customers in a state where their Apple users were hit by too many MFA prompts and other poor user experiences. Over the last year, we’ve made major efforts to get more customers using the public preview and to close out as many bugs as we could. Now we’re ready for everyone to use it!

Most macOS and iOS customers aren’t using the SSO extension quite yet, but I anticipate that will change over the coming years. System-level SSO in the enterprise with Azure AD is going to become just as normal on macOS and iOS as it is on Windows.

Check out these videos from sessions I presented with my colleagues last year if you are new to Apple’s SSO framework. These presentations focus on why you should want to deploy this feature to your Apple devices, how it works, and how to provide the best security and user experience on Apple devices with M365:

Michael Epping

Michael Epping

Mr. Website Owner