Federated authentication vs ABM for Apple Automated Device Enrollment

Copper Contributor

need some advise as I am new to this.
is Federated authentication a prerequisite for Apple Automated Device Enrollment or ABM will do and must Apple device have a device plan for Apple Automated Device Enrollment?

is there a detail table or information the above. Thanks in advance.    

2 Replies



Federated authentication isn't strictly required if using a personal device but is typically used for accessing Microsoft 365 cloud services. With ABM you can also have "Managed Apple IDs" instead, but ABM isn't strictly required either if you want to just use Intune for BYOD.


The devices don't need a "plan" per-se, because they could just use Wi-Fi to enroll rather than 5G for  connectivity.


This gentleman has some good articles on ABM and Intune integration, which you may want to review:


How to enroll an Apple device with iOS 13 “User Enrollment” mode in Microsoft Intune 


How to start with Shared iPads for Business with Microsoft Endpoint Manager (Intune) and Apple Busin....


Please like or mark this thread as answered if it's helpful, thanks!


hi@Kurt Mayer ,
thanks for the reply and information.
we planning to use corporate iOS device only and not as shared devices, any concern?
is input personal apple ID allowed for supervised iOS/iPadOS devices deployed via ABM? We are not using Federation with AAD for Managed Apple ID, is there script or any tool to bulk Managed Apple ID.


Thanks in advance.