Skip to Content

Enable Certificate-Based Authentication

Create a branded MDK client that can on-board using certificates for authentication.
You will learn
  • How to define your Mobile Services app to support certificate authentication
  • How to configure the MDK client
  • How to build a branded client
jitendrakansalJitendra KansalFebruary 27, 2023
Created by
October 4, 2022


  • Step 1
    1. Navigate to SAP Mobile Services cockpit.

    2. On the home screen, select Create new app.

    3. In Basic Info step, provide the required information and click Next.

      Field Value
      Name SAP MDK cert auth App

      If you are configuring this app in a trial account, make sure to select License Type as lite.

    4. In the XSUAA Settings step, continue with the default settings and click Next to navigate to further steps.

    5. In Assign Features step, choose Mobile Development Kit Application from the dropdown, and click Finish.


      If you see a Confirm Finish window, click OK.

    Log in to complete tutorial
  • Step 2

    When you configure an MDK app in Mobile Service cockpit, OAuth security is assigned to the app by default.

    To enable certificate based authentication, you need to modify Redirect URL in Security configuration.

    1. Click Security.

    2. Click pencil icon to make changes to default configuration.

    3. Replace the Redirect URL with mdkclient://oauth2redirect parameter, and click OK to save the changes. This Redirect URL needs to be added in the AllowedDomains property while building your branded client (step 3.5).


      mdkclient is an URL scheme for your branded MDK client, you will use this value in step 3.3.

      oauth2redirect is just a random path. It could be any value.

    Log in to complete tutorial
  • Step 3

    Make sure you are choosing the right development platform tab above.

    Make sure that you have already completed steps 1 & 2 from this tutorial.

    Which properties are part of ConnectionSettings in BrandedSettings.json file?

    Log in to complete tutorial
  • Step 4

    Make sure you are choosing the right development platform tab above.

    This name of this folder is based on the <App Name> provided in the MDKProject.json file and this is the MDK client application generated project.

    Log in to complete tutorial
  • Step 5

    Make sure you are choosing the right device platform tab above.

    What is the default value for AppVersion in the MDKProject.json?

    Log in to complete tutorial
Back to top