Before You Start
SSO Enrollment (COD) allows IT admins to securely enroll corporate-owned Windows devices using the company’s identity provider. This method streamlines authentication through Single Sign-On (SSO), ensuring devices automatically register under managed policies while maintaining unified credential control.
SSO enrollment ensures centralized authentication, improved compliance visibility, and reduced manual entry during setup.
There's a video guide to this document as well.
Step 1: Install the Trio Agent
Download and install the Trio Agent on the Windows device.
Once installation is complete, click Continue to proceed.
Step 2: Select Enrollment Type and Ownership
On the next screen, choose Mobile Device Management (MDM) or Remote Monitoring and Management (RMM) based on your organization’s setup.
Under Device Ownership, select This is a company-owned device (COD).
Step 3: Enroll with SSO
Choose Enroll with SSO as the authentication method.
Enter your organization name to connect to your company’s identity provider.
Step 4: Select SSO Provider
Choose your preferred SSO provider (e.g., Google Workspace or Microsoft).
Enter your work email when prompted.
Step 5: Authenticate and Approve
Complete authentication using your organization’s login portal.
Approve the sign-in request using your Authenticator App or 2FA method.
Once verified, the setup will automatically continue.
Step 6: Complete Enrollment
Once the process finishes, a confirmation message will appear stating “Your system is successfully enrolled.”
Click Done to close the setup wizard.
Next Steps
Immediate actions:
Confirm the device appears in Fleet → Enrollment → Recent Enrollments.
Verify assigned apps, configurations, and policies have been applied automatically.