I am looking for the magic sauce to make the following work. I am convinced it can, I just need to know the keys/strings/values.
Scenario:
Enterprise deploys and maintains app via a Mobile Device Management system (Meraki).
The Enterprise has federated their Apple Managed IDs with Microsoft Azure AD – Apple Managed ID is identical to the Enterprise user’s Azure ID (example: student1234@domain.us) .
The Enterprise wants to deploy the Microsoft “MyApps” app that facilitates SSO/SAML logins AND use the Managed App Settings Payload. Depending on the MDM, this may be delivered via *.XML or *.plist file or profile. These files provide configuration info for the app specific to the user. (See documentation: https://documentation.meraki.com/SM/Profiles_and_Settings/Using_the_Managed_App_Settings_Payload and https://docs.microsoft.com/en-us/intune/apps/app-configuration-policies-use-ios)
The end user signs into the device with the same password that is paired with the Apple Managed ID/Azure AD username.
There should be a way that the MyApp can pull the necessary username/password pair from the local device so that the user needs to only click the app and it will automatically authenticate without entering a username and password.
I am guessing that the app needs to be deployed on a per user not a per device.
Your input is welcome
