Apple's envisioned implementation of the .well-known endpoint
In the video, it is mentioned that the first step the device will take when a user Signs In to Work or School Account is to parse the domain out from the account entered and query the .well-known endpoint to find the Enrollment server. For a given customer (example.com in the video), the MDM provider does not necessarily have access to that customer's WWW servers. What is Apple's vision to expose the .well-known endpoint? For each customer to modify their WWW server and implement the endpoint? Perhaps redirect to their MDM solution? Either of the above seems cumbersome, as they put the onus on each tenant. Is there a suggested pattern that can be centralized and fully owned by the MDM provider (while maintaining the expected account identity for each customer, i.e. accounts of the form user @ example.com)?
Jun ’21