Thanks for the interesting post!
The authentication profile can be sent to android devices to manage the login screen of the device, as shown below. But we do not have an option for having SSO. If needed, you can raise a Feature request to implement this feature in the upcoming builds of MobiControl.
Technical Support | SOTI Inc. |+1-888-494-SOTI (7684) | email@example.com | www.soti.net |
For your first question, if your devices are shared devices, each of which may be used by different end-user at different time, you can choose to enrol/configure your devices into shared device mode. AD/LDAP account integration is needed to use such function. After device power-up, a lockdown screen prompts end-user to input his/ger AD/LDAP account and credential. Upon successful completion, the device can potentially be automatically relocated to different device groups (and hence deployed with different MDM profiles/rules/advanced-configuration policies). The name of the logged-in user will also be reported to the web-console, and such information may be passed to your app via different mechanisms, including at least the following:
- through reading of data file containing latest logged in user-name sent to the device via file-sync rule
- Android intent sent to specific/all apps by the device agent
- parameter though AppConfig framework if the app is a managed app supporting AppConfig
Depending on the device platform, a device will be cleaned up differently upon user log-out.