Configuration settings > Authentication > Extensible Single Sign On (SSO)
Authentication Method: Password
Registration Token: {{DEVICEREGISTRATION}}
Extension Identifier: com.microsoft.CompanyPortalMac.ssoextension
Screen Locked Behaviour: Do Not Handle
Team Identifier: UBF8T346G9
Type: Redirect
URLs:
- https://login.microsoftonline.com/
- https://login.microsoft.com/
- https://sts.windows.net/
- https://login.partner.microsoftonline.cn/
- https://login.chinacloudapi.cn/
- https://login.microsoftonline.us/
- https://login-us.microsoftonline.com/
Configuration settings > Authentication > Extensible Single Sign On (SSO) > Platform SSO >
Authentication Method: Password
Enable Authorization: Enabled
Enable Create User At Login: Enabled
New User Authorization Mode: Standard
Use Shared Device Keys: Enabled
User Authorization Mode: Standard
The PlatformSSO part of the policy works on Sonoma only
Deploy the Setting Catalog policy to your managed Mac devices