Google Identity login to Mac

Since a few macOS versions ago, Apple has allowed third-party solutions to replace the default login window. This feature requires an MDM to deploy the necessary configuration. Using a configuration profile, you can instruct macOS to no longer use the native login window but instead redirect authentication to a third-party solution, such as Microsoft Company Portal. During the first login, a local user account is automatically created based on the information retrieved from Microsoft 365. This includes details like whether the user should be a standard user or an administrator, depending on group membership in Azure AD. The cloud password is also synced as the local macOS password. This setup ensures that if the user changes their Microsoft 365 password, their local macOS password is also updated at the next login. If you’d like, I can share an example configuration profile for this setup.