Single sign-on (SSO) policy enables the users to use the same credentials across applications, including Mobile Securityand applications from the App Store. Each new application configured with SSO certification verifies user permissions for enterprise resources, and logs users in without requiring them to reenter their passwords.
Name: the Kerberos principal name.
Realm: The Kerberos realm name.
The Kerberos ream name should be properly capitalized.
URL Prefixes (Optional): List of URLs that must be matched in order to use an account for Kerberos authentication over HTTP. If this field is blank, the account is eligible to match all http and https URLs. The URL matching patterns must begin with either http or https.
Each entry of this list must contain a URL prefix. Only the URLs that begin with one of the strings in an account are allowed to access the Kerberos ticket. URL matching patterns must include the scheme. For example, http://www.example.com/. If a matching pattern does not end in /, it will automatically add a / to the URL.
Application Identifiers (Optional): List of application identifiers that are allowed to use the account. I f this field is blank, this account matches all application identifiers.
The Application Identifiers array must contain strings that match application bundle IDs. These strings may be exact matches (such as com.mycompany.myapp) or may specify a prefix match on the bundle ID by using the * wildcard character. The wildcard character must appear after a period character (.), and may appear only at the end of the string (such as com.mycompany.*). When a wildcard is used, any application whose bundle ID begins with the prefix is granted access to the account.
To configure Single Sign-On Policy for iOS settings, click Policies, then click the policy name, and then click Single Sign-On Policy.