Enterprise security solutions often require users to repeatedly authenticate with separate credentials even after logging into their macOS device, creating user friction and reducing adoption of Zero Trust policies. This additional authentication step undermines your enterprise investments in centralized identity management and can lead to user resistance or security workarounds that compromise your overall security posture.

macOS Platform SSO support for Prisma® Access Agent eliminates these pain points by automatically authenticating to the agent using your users' existing macOS device credentials. When they log into their macOS device, the agent leverages their Platform SSO token to provide transparent connectivity to Prisma Access without additional login prompts, maintaining always-on security protection while preserving user productivity.

You can deploy this feature on macOS devices where your mobile device management (MDM) solution has configured SSO extension profiles through tools like Microsoft Intune or Jamf. The agent integrates with any identity provider (IdP) that supports macOS Platform SSO (such as Microsoft Entra ID or Okta) while protecting users' authentication credentials using Secure Enclave hardware-backed storage. The agent operates silently after device login, automatically establishing Prisma Access connection without browser prompts or manual intervention.