Client certificate authentication

Relativity supports client certificate authentication, which may also be referred to as smart card authentication. This two factor authentication method uses a PIN and a client certificate stored on a personal identity verification (PIV) card. When logging in to Relativity, the user inserts a PIV card into the card reader, and clicks a PIV login button. Next, the user selects the appropriate certificate on the PIV card, and then enters a PIN.

Configuring a user for client certificate authentication

In Relativity, you configure client certificate authentication at the user level.

Before you begin, obtain the value in the Subject Alternative Name field of the certificate generated for a user. Contact your system or other administrator responsible for generating these certificates in your organization for this information.

Use the following steps to configure a user for client certificate authentication:

  1. Log in to Relativity with system admin credentials.
  2. Select Home from the user drop-down menu.
  3. Click the Users tab.
  4. Click the Edit link next to an existing username, or create a new user. See Creating and editing a user.

  5. In the Login Method section, click New to open the Login Method Information form.
  6. Select a Smart Card Provider.
  7. In the Certificate Subject field, enter <Subject Alternative Name>. The Subject Alternative Name is associated with the certificate on the smart card used to log in to Relativity.

    setting for smart card authentication

    For example, if the Subject Alternative Name is jsmith@example, then you would enter jsmith@example in the Certificate Subject field.

  8. Click Save. The user can now use client certificate authentication to log in to Relativity.

Logging in to Relativity with client certificate authentication

You can log in to Relativity by inserting your PIV card into your smart card reader, selecting a certificate, and entering your PIN.

Use the following steps to log in to Relativity:

  1. Insert your PIV card into the smart card reader for your computer.
  2. Browse to your Relativity website with the URL provided by your system admin.
  3. Enter your email address in the Username box.
  4. Click the button under the External Login heading.

    Your system admin may customize the label on the button for your Relativity application.

    external login section on Login dialog

  5. On the Select a certificate dialog, highlight the certificate used for logging in to Relativity.
  6. Click OK.

    Select a certificate dialog

  7. Enter your PIN for your smart card, and click OK.

    dialog for authentication PIN