Intune Certificate and SAP Fiori (iOS)

Copper Contributor


My team and I have a scenario where we need to: 

  • install wrapped SAP Fiori on the iPhones (done and works)
  • use PKI to send certificates to mobile devices (done and works)
  • end-user need to run the SAP Fiori and log in using a certificate, not a login and password method

To send the certificate to mobile phones we use NDES and SCEP. It works and the certificate appears on the mobile phone in the Device Management\Management Profile\Device Identity Certifiactes. 

The problem which we met, is reading the certificate from this store directly to the application. Our goal is to open the application and then the app is getting the cert from the device store and authenticating user to SAP. We also configured the Single Sign-On account from Device Feature configuration profile for iOS, but without success. Developers are using Cordova to work on the app. 

Maybe someone of you had a similar problem and solve it? We


4 Replies
Have you ever solved this issue? I am having the exact same issue, and do not seem to be able to make it work.

Try using the newly implemented SSO app extension. I don't know if that will fix it, but it's worth an attempt. It allows you to designate which apps call to the said SSO method for login. As long as the app has the appropriate code to support SSO, it should work.


Unfortunately, I left the project during additional tests. I recommended contacting Microsoft directly but did not get any feedback from the developers' team.
When the security team decided that only a certificate is acceptable, then there is no other way :) The certificate was obligatory in my case., I proposed to use SSO, but the security team declined my proposal.