Configure user certificate authentication for a group of applications

Configure user certificate authentication for a group of applications

We can configure the User Certificate Authentication feature to issue a certificate to a user on a device for a group or family of applications that are protected by the user certificate authentication realm. This configuration allows a user to authenticate once and be automatically authenticated to a set of applications on the device (single sign-on). This single sign-on option among a family of applications can be achieved with the Simple Data Sharing feature, which allows the User Certificate Authentication feature to provision a device with a user certificate that applies to, and is used by, all applications in the same specified MobileFirst family.
We can configure the User Certificate Authentication feature to provision the device with a user certificate shared among a group of applications. This configuration allows a group of applications to authenticate with the same X.509 client certificate. This function is supported only on iOS and Android hybrid environments.
The iOS x509AccessGroup property is deprecated since IBM MobileFirst Platform Foundation v6.3.0. Use the Simple Data Sharing feature instead.

Enable the Simple Data Sharing feature as explained in Enable the Simple Data Sharing feature for hybrid applications.

Ensure that you select the user certificate authentication group support option in the application descriptor file.

Parent topic: User certificate authentication on the client