> For the complete documentation index, see [llms.txt](https://docs.intunemacadmins.com/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://docs.intunemacadmins.com/platform-single-sign-on-psso/what-is-psso.md). # What is PSSO? {% hint style="info" %} The PSSO feature was something that we have waited a long time for. Having a way for the user to use the same EntraID Password for their sign-in to the Mac is a huge win. Otherwise the user would have to live with two different passwords. With the latest PSSO release, multiple authentication methods are supported, including Secure Enclave, Password Authentication, and Smart Card. {% endhint %} Platform Single Sign-On (SSO) for macOS with Microsoft Intune allows users to sign into their Mac devices using their Microsoft Entra ID credentials. This integration simplifies the sign-in process, enhances security, and reduces the number of passwords users need to remember. Key Features and Benefits: ### Authentication Methods * **Secure Enclave**: Utilizes Apple's Secure Enclave for hardware-bound cryptographic keys, enabling passwordless authentication through Touch ID. * This method does not support password sync but is recommended for its security in storing tokens and being phishing resistant. You can find more about the recommendation here: * **Password Authentication**: Syncs Microsoft Entra ID password with the local macOS account password. * **Smart Card**: Uses an external smart card for authentication. {% hint style="warning" %} Secure Enclave is recommended for its security in storing tokens, it does not support password sync. If password sync is needed, you should use the Password Authentication method. {% endhint %} ### Security * Integrates with Apple's Secure Enclave for phishing-resistant, hardware-bound authentication. * Supports Zero Trust security models by eliminating passwords as primary attack vectors. ### User Experience * Users can log into their Mac devices and automatically gain access to business applications and websites that support SSO without re-entering credentials. * The synchronization of local and Entra ID passwords ensures a consistent login experience. Here is a Video by Windows IT Pro that shows the Platform Single Sign-On experience in detail: {% embed url="" %} Want to read more about PSSO? Here is the Microsoft Learn Article for it: --- # Agent Instructions This documentation is published with GitBook. GitBook is the documentation platform designed so that both humans and AI agents can read, navigate, and reason over technical content effectively. Learn more at gitbook.com. ## Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.intunemacadmins.com/platform-single-sign-on-psso/what-is-psso.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.