Use the SAP Mobile Server CertificateAuthenticationLoginModule authentication provider to implement SSO with an SAP enterprise information system (EIS) with X.509 certificates.
Authorization control and role mappings for user authorization for EIS back ends are enforced in the EIS using access control policies, not SAP Mobile Server. For information on adding a mappable physical role for certificate authentication, see Creating and Assigning a Security Configuration That Uses X.509 Credentials, UserRoleAuthorizer Provider, and Certificate Authentication Properties.