Setup Federated Authentication in ABM
  • 14 Sep 2022
  • 1 Minute to read
  • Dark
    Light
  • PDF

Setup Federated Authentication in ABM

  • Dark
    Light
  • PDF

Article summary

Apple Documentation Link

Refer to https://support.apple.com/guide/apple-business-manager/use-federated-authentication-with-ms-azure-ad-axmb02f73f18/web for the latest version of instructions to set up Azure. A simplified workflow is documented in this article.

Requirements

  • Microsoft Azure administrator account with Global Administrator role
  • Apple Business Manager account with Administrator or People Manager role
  • Access to DNS records for your organization to add a TXT record for domain ownership validation

Domain validation

Follow the instructions in https://support.apple.com/guide/apple-business-manager/link-to-new-domains-axm48c3280c0/1/web/1 to link your organization domain to Apple Business Manager.

DNS changes may take up to 36 hours to propagate to start the next step.

Federate authentication between your organization identity provider and Apple Business Manager

Determine if SCIM, user sync, or on demand account creation is appropriate in your organization

Managed Apple IDs are generated in one of three ways:

If your organization has additional requirements like assigning applications to users in bulk, it may make sense to import your full organization directory of users into Apple Business Manager with SCIM or Google user sync. Actions like license assignment can be done in advance of a large scale deployment of devices and avoid taxing server resources.


Changing your password will log you out immediately. Use the new password to log back in.
First name must have atleast 2 characters. Numbers and special characters are not allowed.
Last name must have atleast 1 characters. Numbers and special characters are not allowed.
Enter a valid email
Enter a valid password
Your profile has been successfully updated.