|Issue||There are 2 main use cases for setting up mutual authentication through the use of client certificate:|
This document describes the process of using HTTP header for passing user details to Archer, install client authentication in IIS, importing the certificate to IIS and configure Archer applications to work with client authentications.
- Added security between the user and the Archer server. In other words, the Archer would need to trust the user who is logging into Archer by making the user present a client certificate which Archer knows about
- For Single Sign On using HTTP header, the client can present the username in the HTTP header without presenting the password to Archer. Archer will allow the user to access the system as long as the user is defined within Archer, no password is required for further authentication. By introducing the client certificate, it allows a more secure way to access Archer.