Client Registration Settings

The Client Registration Settings is used to register Zero Sign-on clients such as MobileIron Go and MobileIron Authenticate with Access. MobileIron clients send the device identity certificate to Access for Zero Sign-on registration.

The device identity certificates used by MobileIron clients must follow the same schema as the certificate used in Certificate SSO, under Federation. Use the following setting to determine the username from the certificate and register.

Procedure 

1. In MobileIron Access, go to Profile > Client Registration Settings.
2. For User Certificate, select the user certificate from which to get the user identification information such as the username.
   The user certificate is the Tunnel sample certificate you uploaded to Access.
   
   
3. For Field Name, select the field from which the MobileIron UEM client gets user identifying information.
4. (Optional) For Additional transforms, enter a MiTra expression.
   
   Configure a MiTra expression if the value in the certificate does not map directly to the user identifying information.
   
   Example: select:X509:SubjectAltName:rfc822Name
5. Click Save Registration.

Next steps 

• Configuring Zero Sign-on in MobileIron Access

• Configuring multi-factor authentication in Access

Related topics 

For information about MiTra expressions, see Language to generate values from certificate fields.