Integrate Apple devices with Microsoft Entra ID
Federated authentication
Apple School Manager and Apple Business Manager integrate with Microsoft Entra ID using federated authentication, so users can keep their existing user names and passwords. Your users can use their Microsoft Entra ID user name (generally their email address) and password as a Managed Apple Account. They can then use those credentials to sign in to their assigned iPhone, iPad, Mac, or Apple Vision Pro, and to Shared iPad. After they’ve signed in to one of those devices, they can also sign in to iCloud on the web.
OIDC
OIDC (OpenID Connect) allows organizations to provision Managed Apple Accounts immediately and to apply Apple School Manager or Apple Business Manager properties (such as SIS user name and grade levels for Apple School Manager, and roles) on top of account data imported from Microsoft Entra ID. When an organization imports users with OIDC, the account information is added as read-only in Apple School Manager and Apple Business Manager until the organization disconnects from OIDC. At that point the accounts become manual accounts, and their attributes can be edited. Changes made to accounts in Microsoft Entra ID sync to Apple School Manager and Apple Business Manager accounts every 20 to 40 minutes.