Single Sign-on with AzureAD for DEP iOS devices
DEP device enrollment support for Azure AD accounts, for shop which are using Azure AD instead of AD/LDAP for user management, Instead of setting up a user with self service password on Sophos central if it can authenticate with Single sign-on with Azure AD. It can help to streamline device setup. It should be Zero touch for users so that user can sign in with email id and password on DEP device, it should create a user in Sophos central with user email with Single sign on authentication with Azure AD.
You have my vote. Sophos Mobile requires account creation by the email invitation, requires manual creation of the account and redundant password. Only then Azure AD integrated users can log into self portal . When you Azure AD integrate, account should be created for that user automatically on the first login attempt. Currently users just get error, Sophos account does not exist. This defits the Self Portal idea