Key Capabilities and Features of Banyan's Mobile App

  • Updated on Dec 15, 2022

The Banyan mobile app allow your end users to register their device with Banyan and access Banyan-secured Services.

Supported Platforms

Detailed installation instructions for your users to install the Banyan apps can be found in the Support Portal.

The Banyan mobile app can be installed on the following platforms:

Platform Operating System Versions
iOS iOS 11.0 or later
Android Android 8.0 (Oreo) or later

Banyan mobile app capabilities

In Banyan mobile app, version 2.0+, the Trusted Root and Device Certificates are no longer stored in the device keychain and now stored in the application keychain. This allows for an optimal experience when registering and authorizing access with the Banyan app.

Device registration

The Banyan app securely registers an end user’s device, allowing organizations to roll out a zero-trust security model whereby corporate applications are only accessed by Registered Devices. By default, Banyan’s Device Registration flow is designed for that security model and requires the end user to perform the following steps:

  1. Provide the Invite Code needed to register a device to an organization
  2. Authenticate with the organization’s Identity Provider
  3. Set device ownership type
  4. Install certificates

Once the end user has completed these steps, a Trusted Device Certificate is issued for the device and placed in the application keychain.

Hosted Websites on mobile

The Trusted Root and Device Certificates for registered mobile devices are stored in the application keychain. In order for end users to access Hosted Websites on mobile devices, the device must be able to pass TLS validation. There are two options for accomplishing this:

  1. Protect your Hosted Website with Let’s Encrypt Certificates
    • The website will use a TLS server certificate issued by the free and open CA. Mobile devices will trust the public certificate.
  2. Leverage a Device Manager to push a Private PKI certificate
    • If your website is protected by your own Custom Certificate or the Banyan PKI, you can leverage a Device Manager to push that certificate to the mobile device for TLS validation.

Can’t find what you’re looking for?

We’re happy to help. Contact our team .