Supports macOS Sonoma

XCreds

Log in to your Mac with your Cloud Password

Download Trial Buy

Cloud Login at the Login Window

XCreds supercharges your Mac login window. Use your Azure, Google Cloud, Okta or any OpenID Connect password to log in to your Mac. XCreds verifies the password with your identity provider and saves the tokens to the user keychain for validation that the cloud password is in sync with the local password. Perfect.

New Account Creation

Brand new Mac? No worries! XCreds will provision the user account, home directory and all that you need for first log in. All you need to do is log in. If WiFi is not set up, XCreds allows you to select a wireless network for that first connection. Easy as that.

Easy Configuration

XCreds uses configuration profiles for all settings. Create the configuration profile using Profile Creator and drop it into your MDM. Done.

Offline Access

Getting on a plane and no WiFi but still need to log in? Want to log in as a local user or an admin account? XCreds can easily switch to the standard macOS Login Window. Just like that.

Password Syncing

XCreds works by keeping your local Mac password in sync with your Identity Provider password. If you use Azure or Google or another identity provider, XCreds will make sure the password is the same. XCreds runs in the background and checks if the cloud password has been changed. If it detects the password has changed, it prompts to log in to the cloud provider and updates the local password and the keychain password automatically.

Active Directory Login

Log in with local Active Directory user accounts right from the XCreds login window. Even if the user has not logged in before, a local account will be provisioned and the local password will be set to the Active Directory password. Once the user has logged in, a kerberos ticket will be requested for Active Directory Single Sign-On. On subsequent logins, the local password will be updated to match the Active Directory password.

See It In Action


XCreds Features

  • Login Window log in to OIDC provider
  • Support for Azure, Google Cloud, Okta and any OIDC provider
  • Initial account provisioning
  • WiFi Login Window configuration
  • Restart and shutdown from Login Window
  • Profile manifest available for easy configuration
  • Local password update with IdP password
  • Prompt for IdP password when changed
  • Login Keychain password updating
  • Customizable preferences
  • Easy deployment
  • Uses OpenID Connect
  • Attractive and pleasing menu icon
  • Easy configuration with profile / MDM
  • Profile Manifest for Profile Creator Support
  • Two-Factor and Multi-Factor support
  • New username and password window
  • Able to create a user as an admin using group member preference
  • Kerberos ticket
  • Switch to login window at screensaver
  • Reset keychain
  • Most preferences are now able to be overridden
  • Added shake to the password field
  • Small Organization
  • $99
  • Per Organization Per Year
  • ✓ Can be installed on up to 33 Macs (or add more!)
    ✓ 1 year basic support

    Request Quote


Buy Now
  • Business and Government
  • $3
  • Per Client Mac Per Year
  • ✓ For large organizations and government
    ✓ Minimum 1000 client Macs
    ✓ 1 year premium support

    Request Quote


Buy Now

Open Source

XCreds is open source software so you can deploy it to all your Macs, audit the code, make changes, and know that it will be around when you need it. If you need support for your organization, there is a public Slack channel on MacAdmins Slack.

Reduce Support Costs

When the local password is different from cloud passwords, it can drive up support costs. Using XCreds, any change in the cloud password is detected and the local password is updated along with the login keychain.

System Requirements

  • Version history
  • Intel-based or Apple Silicon Mac
  • macOS 13 Ventura or 14 Sonoma

XCreds News & Tips


Updates

Happy Holidays From Twocanoes!

December 23, 2023

Happy Holidays From Twocanoes!

Read More
Updates

Using Gate and Token Manager to Issue Certificates

November 7, 2021

We’ve added functionality to our Signing Service via Gate and Token Manager! These apps can now issue certificates on their own.

Read More