Hi all,

I'm trying to use the new iOS 13.0 ExtensibleSingleSignOn payload to get Office 365 URLs in Safari to SSO with Microsoft Authenticator. It's described here in the Microsoft Azure docs. 

Anyway I set it all up and checked the values I had with the properties which are here in the Apple Device Management docs.

When I target devices with the profile I get the error "The field 'Type' is invalid" in Meraki (see below)

The only two type fields in the SSO payload are "Select Extension Type" and "Sign-On Type": 

But because both fields are pre-defined within Meraki I'm not sure how they can be invalid. And as far as I know I can't download the payload XML to check, either.

I've checked by creating another Meraki payload using Kerberos, but that threw the same response.

I've also searched high and low for more information about this payload on the web but it doesn't seem to be widely adopted as far as I can tell. 

Can anyone tell what I'm doing wrong?

Has anyone had experience configuring Extensible SSO with iOS devices using Meraki?

Thanks in advance