Certificate-based client authentication was delivered with EAM release 11.3 (201804) patch. HxGN EAM’s enhanced authentication process supports authentication with a personal identity verification card (PIV) or common access card (CAC).
EAM web server configuration is based on mutual authentication which requires clients to present a certificate that the server will validate. While client settings are configured to retrieve the certificate from the CAC card, the server is configured to validate the client’s certificate, and if the validation is successful, the corresponding record in the EAM database is referenced and the user is logged into the application.
This revised process authenticates the user without the need for an AD/ADFS server, and without prompting the user for a username and password.