# fleet
j
Has anyone integrated fleet with auth? We'd like to set it up so that devices can only log in to certain (internal) websites when the device is under management.
p
Clarify what you mean by "auth"?
If you're looking for Mac hosts with Entra ID, this item will be relevant: https://github.com/fleetdm/fleet/issues/19235 If you're looking to do mTLS on specific internal websites, the link you found is relevant.
m
Hi @James, can you clarify what authentication systems you're trying to integrate? I think you're on the right track with the issue you linked. I would follow that issue and see if any of the certificate functionality that we add to Fleet helps with your desired workflow.
j
As in, I'd like to ensure that employees are on a managed device when they access various internal applications. Said internal applications are secured via SSO using keycloak. So the idea would be that keycloak can inject an extra token/check based on the presence of fleet. The question becomes how to do that:
• One possibility I considered is using keycloak's x509/client certificate support, and hoping fleet could issue a client cert onto managed devices
• One option I don't have the expertise for is making a keycloak plugin that integrates with fleet to verify things
@Mason Buettner what fleet certificate functionality are you talking about there? https://github.com/fleetdm/fleet/issues/21096 still looks unaddressed
m
@James the feature mentioned in the issue is moving through our development pipeline. Currently we don't have native functionality to deploy certificates for features other than MDM, but hopefully that will change soon.