Single sign-on configuration (macOS user policy)

With the Single sign-on configuration you define settings for a single sign-on for third-party apps.




A human-readable name for the account.

Kerberos principal name

The Kerberos principal name.

If you do not enter a value, the user must enter the name during profile installation.


The Kerberos realm name.

You must enter the name in upper-case.


Values must begin with http:// or https://

If a value doesn’t end with /, the / is added by Sophos Mobile.

App identifiers

A list of bundle IDs of apps.

Values must be either exact matches (e.g. com.sophos.smsec), or prefixes, using the characters .* at the end of the string (e.g. com.sophos.*).