When integrated with Microsoft Entra ID, Platform Single Sign-on for macOS (Platform SSO) allows end users to authenticate to their computers using a smart card or their Entra ID credentials. Alternatively, it can be configured to create a secure, hardware-bound, non-phishable authentication factor used by Entra ID to access organization resources. In this "Secure Enclave key" mode, the local account credentials are unchanged and knowledge of the local account password fulfills the need for multiple factors for conditional access policies.
Deploying Platform SSO for Entra ID involves the following steps:
Determining the authentication method
Deploying the Microsoft Company Portal app
Deploying a configuration profile
Jamf's support for any troubleshooting required during the deployment of this functionality may be limited to the steps that can be accomplished in Jamf Pro. For issues with steps involving Microsoft Entra ID, see Find help and get support for Microsoft Entra ID in Microsoft's documentation. For issues with Platform SSO functionality itself, contact Apple Support.