1. Home
  2. Knowledge Base
  3. SureMDM
  4. General questions
  5. How to Manage SureIDP Certificate Authentication State Using Run Script Jobs in SureMDM
  1. Home
  2. Knowledge Base
  3. SureMDM
  4. How to Manage SureIDP Certificate Authentication State Using Run Script Jobs in SureMDM
Searching...

How to Manage SureIDP Certificate Authentication State Using Run Script Jobs in SureMDM

Contents

Purpose

SureMDM provides script-based controls that allow administrators to manage SureIDP certificate authentication behavior on Android devices. These controls help define whether a domain is allowed to authenticate using a certificate, explicitly blocked from doing so, or reset to its default authentication state.

Prerequisites

  • Access to the SureMDM Web Console
  • Android devices enrolled in SureMDM
  • SureIDP certificate already available on the device
  • Permission to create and apply Run Script jobs

Run Scripts

  1. Grant Certificate Authentication

Enables SureIdP certificate authentication for a specified domain and certificate alias.

#!suremdm

grantCert(domain, alias)

Parameters

  • domain: The target domain (e.g., example.com)
  • alias: Certificate alias stored on the device

Example:

#!suremdm

grantCert(“example.com”, “sureidp_cert”)

  1. Deny Certificate Authentication

Explicitly blocks SureIdP certificate authentication for a given domain.

#!suremdm

denyCert(domain)

Example:

#!suremdm

denyCert(“example.com“)

  1. Clear Certificate Authentication State

Clears any granted or denied certificate authentication state for the specified domain.

#!suremdm

clearCert(domain)

Example:

#!suremdm

clearCert(“example.com“)

Steps

  1. On the SureMDM Console 
  2. Navigate to Jobs > New Job > Android > Run Script.
  3. Enter a Job Name and in the Script prompt, enter the required script (grantCert, denyCert, or clearCert).
  4. Click Save to create the job.
  5. To Apply the Job to Devices – Navigate to the SureMDM Home page
  6. Select the required device(s) or device group.
  7. Click Apply (or Group Apply) and select the created Run Script job.

Expected Results

  • grantCert allows SureIDP to authenticate with the specified domain using the defined certificate alias.
  • denyCert prevents the specified domain from using SureIDP certificate-based authentication.
  • clearCert removes any previously configured authentication rules for the domain and restores default behavior.

Conclusion

Using Run Script jobs in SureMDM, administrators can precisely control SureIDP certificate authentication behavior on Android devices. This provides flexibility to allow, block, or reset certificate-based authentication for specific domains based on organizational security requirements.

Need more help? Here’s how to get help from our experts

CONTACT US

Was this helpful?
YesNo
Updated on January 2026
Tagged:
Need Support?
Can't find the answer you're looking for?
Contact Support