mirror of
https://github.com/apple/device-management.git
synced 2026-02-13 05:13:01 +00:00
79 lines
2.7 KiB
YAML
79 lines
2.7 KiB
YAML
title: Error Code Platform SSO Required
|
|
description: An error response that indicates Platform SSO is required.
|
|
payload:
|
|
supportedOS:
|
|
iOS:
|
|
introduced: n/a
|
|
macOS:
|
|
introduced: '26.0'
|
|
tvOS:
|
|
introduced: n/a
|
|
visionOS:
|
|
introduced: n/a
|
|
watchOS:
|
|
introduced: n/a
|
|
payloadkeys:
|
|
- key: code
|
|
type: <string>
|
|
presence: required
|
|
rangelist:
|
|
- com.apple.psso.required
|
|
content: Indicates that the device needs to do Platform SSO before enrollment and
|
|
setup can proceed.
|
|
- key: description
|
|
type: <string>
|
|
presence: optional
|
|
content: A description of the error. Only use this for logging purposes and don't
|
|
display it to the user.
|
|
- key: message
|
|
type: <string>
|
|
presence: optional
|
|
content: A description of the error to display to the user.
|
|
- key: details
|
|
type: <dictionary>
|
|
presence: required
|
|
content: A dictionary that contains additional data about the error code.
|
|
subkeys:
|
|
- key: ProfileURL
|
|
type: <string>
|
|
presence: required
|
|
content: The URL of the profile containing an `ExtensibleSingleSignOn` profile
|
|
payload that the device uses to configure the SSO extension for Platform SSO.
|
|
- key: Package
|
|
type: <dictionary>
|
|
presence: required
|
|
content: A dictionary that specifies the package that the device uses to install
|
|
an app with the SSO app extension used for Platform SSO.
|
|
subkeys:
|
|
- key: ManifestURL
|
|
type: <string>
|
|
presence: required
|
|
content: The URL of the app manifest, which needs to begin with `https:`.
|
|
- key: PinningCerts
|
|
type: <array>
|
|
presence: optional
|
|
content: An array of DER-encoded certificates to pin the connection when fetching
|
|
the `ManifestURL`.
|
|
subkeys:
|
|
- key: PinningCertsItem
|
|
type: <data>
|
|
presence: required
|
|
content: A certificate in DER-encoded format.
|
|
- key: PinningRevocationCheckRequired
|
|
type: <boolean>
|
|
presence: optional
|
|
default: false
|
|
content: If `true`, certificate revocation checks require a positive response
|
|
when using certificate pinning with `PinningCerts`.
|
|
- key: AuthURL
|
|
type: <string>
|
|
presence: required
|
|
content: The URL the device uses to create an `ASWebAuthenticationSession` to
|
|
trigger Platform SSO authentication, once the profile and app are installed.
|
|
notes:
|
|
- title: ''
|
|
content: |-
|
|
The schema for a JSON or property list XML document that an MDM server's 403 response body contains. The response headers need to include a "Content-Type" header that indicates whether the response returns JSON or XML.
|
|
|
|
The MDM server returns this response when a device enrolls in MDM during Setup Assistant and it requires the user to sign-in using Platform SSO before it allows enrollment and setup to proceed.
|