Single Sign On payload settings
Use the Single Sign-On payload to define Kerberos account information when accessing servers or specified apps.
Single Sign-On is a concept based on Kerberos, where authentication to services running on various servers is granted. This is based on a trust relationship between the servers and the account. Active Directory uses Single Sign On to authenticate to additional servers they trust.
Note: This payload is unavailable in Apple Configurator 2.
Name of the user account — for example, Alex Hunter.
Kerberos principal name for the user account — for example, alexhunter@SERVER.EXAMPLE.COM
The full Kerberos realm where the user’s account is located.
Renewal Certificate payload
The certificate payload used to silently renew a Kerberos ticket.
URLs to be used with this account. Any URLs that don’t match the pattern won’t be contacted.
Apps that can take advantage of Single Sign-On can be listed here by their app identifier.