When device not managed by MDM solution or downloaded certificate is not exposed, if an application want to securely use the downloaded user-identity certificate from it's known server to use in handling the authentication challenges through MSAL in an embedded WebView provided by MSAL. The sign-in request handled inside the app and certificate not exposed to any other apps. Intended to protect the cert and use it's own cases so that it can renew when it got revoked or expired.
Currently this support available only if User identity certificate downloaded and pushed to system Key-chain in Browser from a server page or pushed by MDM solution.
Requirement:
When device not managed by MDM solution or downloaded certificate is not exposed, if an application want to securely use the downloaded user-identity certificate from it's known server to use in handling the authentication challenges through MSAL in an embedded WebView provided by MSAL. The sign-in request handled inside the app and certificate not exposed to any other apps. Intended to protect the cert and use it's own cases so that it can renew when it got revoked or expired.
Currently this support available only if User identity certificate downloaded and pushed to system Key-chain in Browser from a server page or pushed by MDM solution.