Entra ID

macOS Platform SSO in ADE Now Generally Available

2 min read

Summary

Microsoft has made Platform SSO during Automated Device Enrollment generally available for macOS. The update lets organizations register devices and enable Platform SSO automatically during setup, reducing user prompts and helping IT teams deliver a more secure, consistent onboarding experience from day one.

Need help with Entra ID?Talk to an Expert

Introduction

Microsoft has announced general availability for Platform SSO (PSSO) during Automated Device Enrollment (ADE) on macOS. For IT teams managing Apple devices with Microsoft Entra ID and Intune, this is an important improvement because it removes extra enrollment steps and builds identity configuration directly into the initial setup experience.

What’s new

With this release, Platform SSO can now be completed automatically during macOS Automated Device Enrollment.

Key changes include:

  • Automatic Entra ID registration during setup for enrolled macOS devices
  • Platform SSO activation as part of enrollment instead of requiring a separate post-setup action
  • Fewer user prompts during first-run device onboarding
  • More consistent identity configuration across newly deployed Macs

This is enabled through the EnableRegistrationDuringSetup capability, which performs Platform SSO registration within the managed ADE workflow.

Why this matters

Previously, users could be asked to finish Platform SSO registration after setup, often through an additional prompt or a manual “Finish” step. That added friction to onboarding and created another point where setup could be delayed or missed.

By integrating PSSO directly into ADE, Microsoft is helping organizations:

  • Reduce deployment complexity
  • Improve first-day productivity for users
  • Strengthen compliance and device trust earlier in the lifecycle
  • Standardize identity-backed access from the first sign-in

This will be especially useful in large-scale deployments, including enterprise rollouts, education environments, and frontline scenarios where speed and consistency matter.

Impact on IT administrators

For admins, this update means identity is now treated as a core part of macOS provisioning rather than a follow-up task. If you already use ADE and Platform SSO, the workflow becomes simpler and easier to standardize.

Benefits for IT teams include:

  • Less reliance on users to complete setup correctly
  • Fewer enrollment support issues
  • Better alignment between MDM provisioning and Entra identity controls
  • Faster delivery of compliant, ready-to-use devices

Next steps

To use Platform SSO during Automated Device Enrollment, organizations should:

  1. Configure Automated Device Enrollment for macOS in their MDM solution.
  2. Ensure Platform SSO is already configured for the organization.
  3. Enable EnableRegistrationDuringSetup in the deployment profile.

If you manage macOS devices in Microsoft Intune, now is a good time to review your ADE profiles and update your onboarding process to take advantage of this GA capability.

Need help with Entra ID?

Our experts can help you implement and optimize your Microsoft solutions.

Talk to an Expert

Stay updated on Microsoft technologies

Read the original article by Justin-Ploegert
Entra IDmacOSPlatform SSOAutomated Device EnrollmentIntune

Related Posts

Entra ID

Microsoft Identity Manager 2016 SP3 Now Available

Microsoft Identity Manager 2016 SP3 is now generally available, bringing improved stability, broader platform compatibility, and a new Azure SQL Database deployment option for the Synchronization Service. The update matters for organizations running hybrid identity environments because it reduces operational risk, supports newer infrastructure components, and gives customers a supported path forward while planning longer-term moves to Microsoft Entra.

Entra ID

Microsoft Entra Face Check Secures High-Risk Identity Flows

Microsoft is expanding Face Check in Microsoft Entra Verified ID to strengthen identity verification during remote onboarding, access requests, and account recovery. The update removes per-user Face Check limits in Microsoft Entra Suite and highlights general availability for verified account recovery, helping organizations reduce impersonation risk and help desk dependency.

Entra ID

Microsoft Entra May 2026: Global Secure Access GA

Microsoft Entra’s May 2026 updates focus heavily on Global Secure Access, certificate-based authentication, and stronger privileged access controls. The new capabilities help IT teams extend Zero Trust protections to branch offices, mobile devices, external users, and AI workloads while improving usability and policy enforcement.

Entra ID

Microsoft Entra ID Passkeys: Fixing Recovery Gaps

Microsoft is expanding its passkey-first strategy in Entra ID by addressing the security gaps that remain after passkey deployment, including fallback credentials and weak account recovery. New capabilities such as Windows passkeys, passkey-preferred authentication, and generally available Entra ID account recovery help organizations reduce phishing and social engineering risk while improving user experience.

Entra ID

Microsoft Entra Webinar Series Strengthens Identity Security

Microsoft has launched a five-part Secure identity foundation with Microsoft Entra webinar series focused on passwordless authentication, Conditional Access, ID Protection, Tenant Governance, and Backup and Recovery. The series gives IT and security teams practical deployment guidance to strengthen access management, improve tenant visibility, and build more resilient identity protections across cloud and hybrid environments.

Entra ID

Microsoft Entra Internet Access Adds AI Security

Microsoft has announced new generally available and preview capabilities for Entra Internet Access and Entra Private Access, with a strong focus on securing AI, web, and private app traffic. The updates give IT teams more visibility into shadow AI, prompt injection risks, unmanaged devices, and private app access while extending Zero Trust controls across more scenarios.