What is Managed Apple ID and why you should care

 In |

Reading Time: 3 minutes

When you hear about Managed Apple IDs, what’s your first thought?

For many, it’s something like, “This will make it easier for our employees to buy apps.”

It’s reasonable to associate “Apple IDs” with consumer use and, therefore, app purchases. But that’s not what Managed Apple IDs are for; they enable a whole lot more.

Managed Apple IDs are accounts created through Apple Business Manager that are owned and controlled by your organization and designed specifically for business purposes. They let your employees access controlled corporate data in iCloud and allow document sharing and collaboration in Pages, Keynote, and Numbers.

But this is just the start.

The advantages of Managed Apple ID

Managed Apple IDs offer other advantages that may seem less obvious:

Creates a single sign-on

Juggling multiple passwords can become an unnecessary burden. With Managed Apple ID, so long as you have Azure Active Directory, that’s no longer an issue.

With federated authentication, Apple Business Manager syncs to your Azure tenant, allowing the Managed Apple ID to use the corresponding username and password in Azure Active Directory. This gives your employees a single sign-on for their corporate identity, Apple or Microsoft.

Simplifies device management

Managed Apple ID enables constant communication between Apple Business Manager and your Azure Active Directory server, unifying identities across platforms.

If you deactivate one of your employees’ accounts in Active Directory, their Managed Apple ID automatically turns off as well, shutting out employees that should no longer have access to your system.

On the flip side, Managed Apple ID also makes the new User Enrollment process for BYOD devices possible. When a user signs in on a personal device with their Managed Apple ID, the enrollment process kicks off automatically. Your organization ensures that all devices are synced under corporate credentials, but your employees also maintain control over their personal data. This is a win-win for all involved.

How do you set up Managed Apple ID?

Managed Apple IDs are created automatically through the integration of Apple Business Manager and Microsoft Azure Active Directory. It’s a simple and streamlined process and can be done in a few minutes using a Domain Administrator account.

Once an admin logs in to Apple Business Manager, they can add any domains they wish to federate, including multiple domains from a single Azure tenant.

If any of your employees currently have Apple IDs attached to their work emails, an automatic conflict resolution process starts running.

Affected employees will be alerted and informed they need to switch their Apple ID to a new, personal email address.

Employees have a 60-day grace period to perform the change, which only takes a minute or so. Once that 60-day period lapses, users are directed to a page to complete the change immediately.


For business purposes – and that’s a good thing

There are quite a few misconceptions surrounding Managed Apple IDs, and that’s understandable.

But when you dig into ways you can use them, you’ll find they allow for simple and efficient User Enrollment for BYOD devices. They create single sign-on for macOS devices by synchronizing Apple Business Manager and Azure Active Directory. And they can be used as an iCloud account, making collaboration between users that much easier.

If you have any questions or want to learn more about the benefits of Managed Apple ID, contact your SHI account executive.