Configuring Zero Sign-on in MobileIron Cloud
Create a Zero Sign-on configuration in MobileIron Cloud and sync with MobileIron Access.
Before you begin
Ensure that you have set up Access with MobileIron Cloud. See Overview of configuration with MobileIron Cloud.
Procedure: Overview of steps
- Creating a Zero Sign-On configuration in MobileIron Cloud
- Syncing the Zero Sign-On configuration with MobileIron Access
Creating a Zero Sign-On configuration in MobileIron Cloud
In MobileIron Cloud, create a Zero Sign-on configuration.
Before you begin
Ensure that you have configured Zero Sign-on in Access.
Procedure
- In MobileIron Cloud, go to Configurations > + Add > Saas Sign-On.
- In the Name field, enter a name for the configuration.
- (Optional) Expand + Add Description, to add a description for the configuration.
- For SCEP Identity, select the identity certificate you created for Tunnel.
The Tunnel certificate is the same certificate you used to set up mobile app single sign-on in Access. - Turn on the Enable FIDOtoggle switch to enable FIDO 2 authentication.
- Select a distribution option.
The configuration is distributed to the devices in the selected option. - Click Done.
- For more information about configuring mobile app single sign-on (SSO):
- For a federated pair, see Configuring Mobile App Single Sign-on (SSO).
- For delegated IdP, see Configuring Access as the delegated IdP .
Syncing the Zero Sign-On configuration with MobileIron Access
Sync with MobileIron Access to pull the Zero Sign-on configuration from the UEM.
Procedure
- In MobileIron Access, navigate to the UEM tab.
- Select the Cloud UEM and click the Sync UEM icon.
- Enter the UEM administrator credentials .
- Enter the credentials and click Verify.
- Click Done.
The SaaS Sign-on configuration and MobileIron Authenticate configuration is now synced with Access.