iOS 11 provides support for OAuth 2.0 (Modern Auth) in the native mail app

With the release of iOS 11.0, the native mail client has now support for OAuth 2.0. OAuth 2.0 is often mentioned as modern authentication and provides some new capabilities like Microsoft Azure Multi-factor Authentication support and allows to using certificates for authentications. Modern Authentication uses a secure token instead of relying on a username and password (Active Authentication).

When configuring a new profile the users have the option to choose between the traditional authentication with username and password, which Apple refers as the manual approach or the using “Sign In” which uses OAuth 2.0 authentication using a safari browser (SFViewController).

See how in works:

A bit of history

Since the release of iOS 10.3 beta there has been a lot of hype around the newly introduced OAuth 2.0 support in the native mail app. For some reason only know to Apple it didn’t make it to the final release. Based on what I have heard they struggled with some issues and decided to postpone the support for a later release. Alex Simons mentioned that Microsoft is working with Apple to get it working.

The support was re-introduced in iOS 11 beta 2 and beta 3, which is a very pleasant surprise for many people with a passion for enterprise mobilty and security.

  • iOS beta 2 introduced the support for modern authentication for federated users.
  • iOS beta 3 added the support for modern authentication for both federated and cloud-only users.
  • iOS beta 6 allowed the users to select the type of authentication to use during profile configuration.
  • iOS 11 finale version introduced the support for OAuth in the native mail.

References:

/Peter

 

2 comments

  1. Surprised how clunky it looks. All the flipputy flip of displays just for a silly login. Kinda looks like script kiddy work.

Leave a Reply