SSO – Certificates

Implementation Summary:

  • The recommended approach for implementing certificate authentication is through the AirWatch SDK.

  • The alternative is to use App Wrapping.

Platform AppConfig Community AirWatch SDK AirWatch App Wrapping
iOS Recommended Supported N / A
Android Recommended Supported N / A

SDK (Recommended):

  • Integrate the AirWatch SDK into your application and configure an SDK profile with Integrated Authentication configured for certificate authentication.

  • Use the SDK provided interfaces to handle the networking authentication challenges.

  • Requires some coding.

AppConfig Community (Android only):

  • Configure a credentials payload in an Android for Work profile. This will send the certificate to the device’s managed keystore.

  • Code your app to read the value stored at the “ManagedAppCertAlias” key from RestrictionsManager. This value is your certificate alias.

  • Query the keychain using the alias you obtained for the ManagedAppCertAlias key from RestrictionsManager as the argument and retrieve the certificate to be used for authentication challenge.

  • Requires Android 5.0+ and Android for Work device.

  • Use this certificate to respond to any client certificate authentication challenges.

Wrapping (iOS only):

  • Requires neither coding nor MDM, only device entry in the AirWatch system.

  • Develop and compile your app.

  • Verify that the app is only using an approved MADP platform and coding techniques.

  • Run the compiled binary through the AirWatch App Wrapping engine.

  • Assign a wrapping profile to your app with Integrated Authentication configured for certificates.


Questions? Comments? Leave them for us here.