With the release of iOS 11.0, the native mail client has now support for OAuth 2.0. OAuth 2.0 is often mentioned as modern authentication and provides some new capabilities like Microsoft Azure Multi-factor Authentication support and allows to using certificates for authentications. Modern Authentication uses a secure token instead of relying on a username and password (Active Authentication).
When configuring a new profile the users have the option to choose between the traditional authentication with username and password, which Apple refers as the manual approach or the using “Sign In” which uses OAuth 2.0 authentication using a safari browser (SFViewController).
See how in works:
A bit of history
Since the release of iOS 10.3 beta there has been a lot of hype around the newly introduced OAuth 2.0 support in the native mail app. For some reason only know to Apple it didn’t make it to the final release. Based on what I have heard they struggled with some issues and decided to postpone the support for a later release. Alex Simons mentioned that Microsoft is working with Apple to get it working.
The support was re-introduced in iOS 11 beta 2 and beta 3, which is a very pleasant surprise for many people with a passion for enterprise mobilty and security.
- iOS beta 2 introduced the support for modern authentication for federated users.
- iOS beta 3 added the support for modern authentication for both federated and cloud-only users.
- iOS beta 6 allowed the users to select the type of authentication to use during profile configuration.
- iOS 11 finale version introduced the support for OAuth in the native mail.
- Practicing Safe Security with iOS 11 and Office 365 (oauth 2.0)
- Single Sign-on and iOS 11
- Exciting new stuff coming in iOS 10.3. Native Mail now support modern auth
- Active Authentication Flow (See the flow)
- Announcing Exchange ActiveSync v16
- Announcing Exchange ActiveSync version 16.1