Home > Endpoint Management > Other Topics > Systems Manager Glossary of Terms > Single Sign On Extension Payload

Single Sign On Extension Payload

Table of contents


The SM Single Sign On Extension payload actually reflects 2 payload types from Apple’s MDM docs:

This should not be confused with the old SingleSignOn payload (which Systems Manager does not directly support).  


These payloads allow the MDM Administrator to expose specific external single sign-on to both native apps as well as webapps via Safari.  As the Kerberos version of this extension conforms to expected Kerberos norms, we won’t be discussing it here. If you require assistance with the Extensible Single Sign On with Kerberos payload, please reach out to your directory services vendor.  

Required Keys

For the custom Single Sign On extension, the following keys are required:

Extension Identifier - The bundle identifier of the extension binary.  This should be provided by your Single Sign On vendor.

Sign-on Type - The type of Single Sign-on being provided.  "Credential" types are based on locally handled username and password, "Redirect" types perform oauth via identity provider URL.

Realm - The realm name for "Credential" payload types.  This value is case-sensitive and is ignored for "Redirect" sign-on types.  

Team Identifier - Team identifier for the app extension. 

Domains - "Hosts key" in Apple’s documentation.  Should be host names or domain names of sites or apps which can access this identity endpoint. "Credential" payloads only, ignored for "Redirect" types.  

URLs - URL prefixes of identity providers where the extension will be redirecting for SSO.  Required for "Redirect" types, ignored for "Credential" types. 

Custom Extension Data - Custom extension data required for the SSO extension to function.  This information will be provided by your SSO/Extension vendor.  

Last modified



This page has no classifications.

Explore the Product

Click to Learn More

Article ID

ID: 9081

Explore Meraki

You can find out more about Cisco Meraki on our main site, including information on products, contacting sales and finding a vendor.

Explore Meraki

Contact Support

Most questions can be answered by reviewing our documentation, but if you need more help, Cisco Meraki Support is ready to work with you.

Open a Case

Ask the Community

In the Meraki Community, you can keep track of the latest announcements, find answers provided by fellow Meraki users and ask questions of your own.

Visit the Community