In the video, it is mentioned that the first step the device will take when a user Signs In to Work or School Account is to parse the domain out from the account entered and query the .well-known endpoint to find the Enrollment server.
For a given customer (example.com in the video), the MDM provider does not necessarily have access to that customer's WWW servers. What is Apple's vision to expose the .well-known endpoint? For each customer to modify their WWW server and implement the endpoint? Perhaps redirect to their MDM solution?
Either of the above seem cumbersome as they put the onus on each tenant. Is there a suggested pattern that can be centralized and fully owned by the MDM provider (while maintaining the expected account identity for each customers - i.e. accounts of the form user @ example.com)?
ErnestoLara
Users receive reputation points by contributing quality content to the forums.
Posts include post and replies published on the forums.
Post authors can mark replies as Accepted to indicate successful solutions.
Apple Developer Forums admins can mark replies as Apple Recommended to indicate an approved solution
From
United States