Hi Guys,
Sharing a brief video of a real mishmash of vendor tech coming together to improve security practices:
There's a 20-second video in there showing:
- PSSO registration using a Passkey in Microsoft Authenticator that links the Mac and the EntraID credential
- Opening an incognito window in Chrome and navigating to portal.azure.com
- Selecting the Passkey from the Keychain
- Using TouchID / Secure Enclave to authorise the use of the Passkey
- Result: passwordless sign into portal.azure.com via a Passkey and PSSO in a Chrome web browser on macOS
This is an interesting use case for me because so many schools have a mix of these technologies but don't always connect them together. In this case:
- Mac for the device
- Chrome as the browser of choice
- EntraID as the IdP
- Microsoft Authenticator for creating/managing the Passkey
I'm personally interested in smarter and more secure methods of authentication and given Chrome browser has not historically supported the use of the MSFT SSO extension on macOS, this is a nice way to get 'passwordless' authentication through a Chrome browser via PSSO.
I'm not 100% convinced this is straightforward enough for the average end user to navigate the initial passkey configuration and also the sign in 'option' for an MSFT portal page, but it's slowly moving in the right direction. I'd also be interested to learn just how widespread the adoption of passkeys actually is... a conversation for a different thread perhaps.
The Simplified Setup with IdP Sign in during the macOS OOBE is going to be a really nice addition (Okta support already, EntraID not yet, no word on Google from what I see) and will make the macOS PSSO experience really come to life. Some more info here:
Anyway, a short share - interested if anyone is doing similar things mixing tech like this for a more secure auth experience.
Cheers
Sam