Jamf Pro can now support deployment of a Platform Single Sign-on (Platform SSO) application during Setup Assistant with macOS 26* using the Simplified Setup for Platform Single Sign-on workflow in a computer PreStage enrollment. This workflow allows for Platform SSO to be enforced through Setup Assistant during Automated Device Enrollment, requiring registration with an identity provider (IdP) and the ability for macOS to create a user account based on the user’s information from the IdP.
After the computer is enrolled with Jamf Pro, the computer will be kept in a Setup Assistant hold until a specified Platform SSO app and its configuration profiles have completed their installation. When the configuration hold is complete, macOS will begin a required Platform SSO registration and setup process on the next screen a user sees during enrollment. After registration, the first user can be created during Setup Assistant, based on the identity of the user that authenticated with the IdP. This user account is also registered with Platform SSO frameworks on macOS for continued benefits to user experience and security.
For more information on Platform SSO, see Platform Single Sign-on for macOS in Apple Platform Deployment.
To enable this feature, navigate to and either create a new PreStage enrollment or edit an existing one.
To enable Simplified Setup for Platform SSO, you must first configure Platform Single Sign-on. For more information, see the Platform Single Sign-on for macOS with Jamf Pro article.
*Feature support is based on testing with the latest Apple beta releases. Full functionality requires compatible implementation from supported identity providers (Okta and Microsoft Entra ID). Verify support status with your identity provider to ensure full feature availability.