User certificate authentication

Enterprises can now use X.509 client-side certificates to authenticate users, by applying a new user authentication realm to their existing security tests. This new realm is called UserCertificateAuthRealm. This feature allows enterprises to enroll users to their enterprise certificate authority (CA) directly from their mobile devices. The traffic between the MobileFirst application on the device and the MobileFirst Server in the enterprise can be secured over HTTPS with client-side certificates that are issued to the users as part of the initial enrollment process.

This feature is available on iOS and Android (hybrid and native) environments.

This feature is not supported with the FIPS 140-2 feature.

Parent topic: Developing MobileFirst applications