About Derived Credentials with Ivanti Neurons for MDM
This guide refers to Connected Neurons for MDM. Connected Neurons for MDM has reached end of life. Please see this article for more information.
Smart cards contain identity certificates that give your users access to various computing resources without using passwords. The identity certificates make up the user’s primary credential. A derived credential:
-
derives from the primary credential.
The derived credential contains identity certificates derived from the primary credential’s identity certificates. Therefore, if the primary credential becomes revoked or expired, the derived credential also becomes revoked or expired.
-
is an X.509 public key certificate
-
is stored on the user’s mobile device
Apps on the user’s iOS or Android mobile device can use these derived identity certificates for these purposes:
|
Purpose |
Supported platforms |
|
Authenticating to your backend servers, such as web servers, app servers, or content servers |
iOS and Android |
|
Authenticating to your backend email server |
iOS and Android |
|
Digital signing |
iOS and Android |
|
Encryption |
iOS and Android |
Typically, a different identity certificate is used for authentication, signing, and encryption. The identity certificates each have the same identity information, but the private and public key pair for each is different.