Seamless Learning

Overview

Seamless Learning Access is a Jamf capability for K-12 ed-tech partners. It signs students into your app on a managed iPad without a username, password, or tenant URL to type. Identity is brokered through a Jamf-managed SSO extension on the device, and configuration is delivered through Apple's Managed App Configuration framework.

The process is demoed in the video below:

Required App Support

In order to integrate with Seamless Learning Access your application must support the following:

• OIDC sign-in via RapidIdentity - Seamless Learning Access uses RapidIdentity (Identity Automation) as its OIDC identity provider. The SSO extension on the iPad brokers tokens from RapidIdentity to your app, which means your app must support a standard OIDC sign-in flow. Read more on RapidIdentity's OpenID Connect page.

• Managed App Configuration - Your app must read configuration values that the MDM server delivers via Apple's Managed App Configuration framework. At minimum your app supports two keys, enableLogin and host, which switch the app into Seamless Learning Access mode and scope the user into the correct tenant. Read more on the Managed App Configuration Best Practices page.

📘

Note

When enableLogin is false or missing, your app should fall back to its normal sign-in flow. This keeps your consumer App Store users unaffected by your Seamless Learning Access support.

What's Next

Learn how the components fit together in your application:

• Seamless Learning Access Components
• Managed App Configuration Best Practices
• Technology Partner Program