Jamf Blog
November 7, 2019 by Garrett Denney

Apple Business Manager adds federated authentication

Apple Business Manager is one of the most powerful services available to IT admins deploying and managing Apple at scale, and recently it got even better with support for Microsoft Azure Active Directory (AD). Full details here.

Apple Business Manager is one of the most powerful services available to IT admins deploying and managing Apple at scale, and recently it got even better with support for Microsoft Azure Active Directory (AD)!

Last week, Apple announced that Apple Business Manager was adding support for federated authentication with Azure AD. It was a huge announcement and something that anyone running Azure AD will want to take a look at.

Federated authentication was previously available for Apple School Manager and was even in beta for Apple Business Manager but this is the first time it is fully available for users on either service.

Identity by Azure Active Directory

Over the years, many IT teams have made significant investments in their Azure Active Directory service, Microsoft’s identity system that allows organizations to maintain a “source of truth” for all users. If your organization is in the same boat, you will know how important it is to continue leveraging that infrastructure while also modernizing your deployment plan.

With Apple Business Manager support, you are now able to easily integrate your existing Azure AD credentials into your device setup process. Additionally, the integration is nearly invisible. Azure AD is able to verify a user directly within the native setup steps.

Streamlined setup

One of the best parts about leveraging Azure Active Directory with Apple Business Manager is how you’ll be able to simplify the setup and login experience for your end users. Gone are the days when a user had to sign in multiple times or manually create an account during setup. Instead, Azure AD is able to verify a user based on their iCloud account and will automatically create a local account when that user is verified.

Flexible enrollment

Finally, Federated Authentication for Managed Apple IDs is supported for both user enrollment and device enrollment. User Enrollment is Apple’s new “BYOD” system that helps IT admins manage personal devices in the workplace, while still protecting user privacy.

Next steps

Apple Business Manager’s federated authentication with Azure AD is a big deal and something we are excited to continue talking about. In the meantime, head to Apple Business Manager to begin testing the integration today.

Garrett Denney
Subscribe to the Jamf Blog

Have market trends, Apple updates and Jamf news delivered directly to your inbox.

To learn more about how we collect, use, disclose, transfer, and store your information, please visit our Privacy Policy.