Software Support: Starting with GlobalProtect™
app 6.0 with Content Release version 8451-6911 or later.
OS
Support: Windows 10
If you have configured the GlobalProtect
portal to authenticate end users through single sign-on (SSO) using
smart card authentication, end users can now connect without having
to re-enter their smart card Personal Identification Number (PIN)
in the GlobalProtect app for a seamless SSO experience. End users
can leverage the same smart card PIN for GlobalProtect with their
Windows endpoint. This improves the user experience by reducing
the number of times end users must enter their smart card PIN when
they log in. After the end user successfully logs in to the Windows
endpoint, the GlobalProtect app acquires and remembers their smart card
PIN to authenticate with the GlobalProtect portal and gateway.
You
can define the type of
PIN caching policy for Windows
that is associated with the PIN for the smart card provider. The
PIN is cached only if allowed from the smart card provider. GlobalProtect
clears the PIN from the cache if end users manually sign out of
the GlobalProtect app, sign out of Windows, or the PIN is changed.