Supports macOS Sonoma
Thanks for Downloading MDS
MDS is downloading now. Please open the downloaded package file to install the application.
Cloud Login at the Login Window
XCreds supercharges your Mac login window. Use your Azure, Google Cloud, Okta or any OpenID Connect password to log in to your Mac. XCreds verifies the password with your identity provider and saves the tokens to the user keychain for validation that the cloud password is in sync with the local password. Perfect.
New Account Creation
Brand new Mac? No worries! XCreds will provision the user account, home directory and all that you need for first log in. All you need to do is log in. If WiFi is not set up, XCreds allows you to select a wireless network for that first connection. Easy as that.
Easy Configuration
XCreds uses configuration profiles for all settings. Create the configuration profile using Profile Creator and drop it into your MDM. Done.
Offline Access
Getting on a plane and no WiFi but still need to log in? Want to log in as a local user or an admin account? XCreds can easily switch to the standard macOS Login Window. Just like that.
Password Syncing
XCreds works by keeping your local Mac password in sync with your Identity Provider password. If you use Azure or Google or another identity provider, XCreds will make sure the password is the same. XCreds runs in the background and checks if the cloud password has been changed. If it detects the password has changed, it prompts to log in to the cloud provider and updates the local password and the keychain password automatically.
Active Directory Login
Log in with local Active Directory user accounts right from the XCreds login window. Even if the user has not logged in before, a local account will be provisioned and the local password will be set to the Active Directory password. Once the user has logged in, a kerberos ticket will be requested for Active Directory Single Sign-On. On subsequent logins, the local password will be updated to match the Active Directory password.
See It In Action
XCreds Features
- Login Window log in to OIDC provider
- Support for Azure, Google Cloud, Okta and any OIDC provider
- Initial account provisioning
- WiFi Login Window configuration
- Restart and shutdown from Login Window
- Profile manifest available for easy configuration
- Local password update with IdP password
- Prompt for IdP password when changed
- Login Keychain password updating
- Customizable preferences
- Easy deployment
- Uses OpenID Connect
- Attractive and pleasing menu icon
- Easy configuration with profile / MDM
- Profile Manifest for Profile Creator Support
- Two-Factor and Multi-Factor support
- New username and password window
- Able to create a user as an admin using group member preference
- Kerberos ticket
- Switch to login window at screensaver
- Reset keychain
- Most preferences are now able to be overridden
- Added shake to the password field
- Small Organization
- $99
- Per Organization Per Year
✓ Can be installed on up to 33 Macs (or add more!)
✓ 1 year basic support
Buy Now
- Business and Government
- $3
- Per Client Mac Per Year
✓ For large organizations and government
✓ Minimum 1000 client Macs
✓ 1 year premium support
Buy Now
Open Source
XCreds is open source software so you can deploy it to all your Macs, audit the code, make changes, and know that it will be around when you need it. If you need support for your organization, there is a public Slack channel on MacAdmins Slack.
Reduce Support Costs
When the local password is different from cloud passwords, it can drive up support costs. Using XCreds, any change in the cloud password is detected and the local password is updated along with the login keychain.
Resources
System Requirements
- Version history
- Intel-based or Apple Silicon Mac
- macOS 13 Ventura or 14 Sonoma
XCreds News & Tips
Updates
Read More
Protected: Understanding the Single Sign-On Extension
April 3, 2024There is no excerpt because this is a protected post.
Updates
Read More
Protected: Platform SSO: A Guided Tour
March 21, 2024There is no excerpt because this is a protected post.