Authentication Behavior By SSO Configuration
The SSO configuration controls the login behavior users experience when they access applications. The
authentication setting and the SSO setting affect the experience of accessing the application.
Table 3-2. Login Behavior for Users when Passcode is Set for SSO
Authentication Phase SSO Enabled SSO Disabled
Identify n Silent login: The system registers
credentials with the managed token
for MDM.
If silent login fails, the system moves
to the next identification process.
n Authenticate: The system identifies
credentials against a common
authentication system (username
and password, token, and SAML).
n Silent login: The system registers
credentials with the managed token
for MDM.
If silent login fails, the system moves
to the next identification process.
n Authenticate: The system identifies
credentials against a common
authentication system (username and
password, token, and SAML).
Secure n Prompt if passcode exists: The
system does not prompt for the
passcode if the session instance is
live.
n Prompt if passcode does not exist:
The system prompts users to create
a passcode.
n Session shared: The system shares
the session instance across
applications configured with
Workspace ONE UEM SSO
enabled.
n Prompt if passcode exists: The
system prompts users the application
passcodes.
n Prompt if passcode does not exist:
The system prompts users to create a
passcode.
n Session not shared: The system does
not share the session or the passcode
with other applications.
Table 3-3. Login Behavior for Users when Username and Password is Set for SSO
Authentication Phase SSO Enabled SSO Disabled
Identify n Silent login: The system registers
credentials with the managed token
for MDM.
If silent login fails, the system moves
to the next identification process.
n Authenticate: The system identifies
credentials against a common
authentication system (username
and password, token, and SAML).
n Silent login: The system registers
credentials with the managed token
for MDM.
If silent login fails, the system moves
to the next identification process.
n Authenticate: The system prompts for
application login credentials.
Secure n Prompt: The system does not
prompt for the login credentials if the
session instance is live.
n Session shared: The system shares
the session instance across
applications configured with
Workspace ONE UEM SSO
enabled.
n Prompt: The system prompts for the
login credentials for the application on
every access attempt.
n Session not shared: The system does
not share the session with other
applications.
SDK for iOS (Swift)
VMware, Inc. 22