Key Capabilities and Features of Banyan's Mobile App
- Updated on Aug 09, 2022
- Supported Platforms
- Banyan mobile app capabilities
The Banyan mobile app allow your end users to register their device with Banyan and access Banyan-secured Services.
Detailed installation instructions for your users to install the Banyan apps can be found in the Support Portal.
The Banyan mobile app can be installed on the following platforms:
|Platform||Operating System Versions|
|iOS||iOS 11.0 or later|
|Android||Android 8.0 (Oreo) or later|
Banyan mobile app capabilities
In Banyan mobile app, version 2.0+, the Trusted Root and Device Certificates are no longer stored in the device keychain and now stored in the application keychain. This allows for an optimal experience when registering and authorizing access with the Banyan app.
The Banyan app securely registers an end user’s device, allowing organizations to roll out a zero-trust security model whereby corporate applications are only accessed by Registered Devices. By default, Banyan’s Device Registration flow is designed for that security model and requires the end user to perform the following steps:
- Provide the Invite Code needed to register a device to an organization
- Authenticate with the organization’s Identity Provider
- Set device ownership type
- Install certificates
Once the end user has completed these steps, a Trusted Device Certificate is issued for the device and placed in the application keychain. Read more in our article on Trusted Device Certificate management and expiration.
Hosted Websites on mobile
The Trusted Root and Device Certificates for registered mobile devices are stored in the application keychain. In order for end users to access Hosted Websites on mobile devices, the device must be able to pass TLS validation. There are two options for accomplishing this:
- Protect your Hosted Website with Let’s Encrypt Certificates
- The website will use a TLS server certificate issued by the free and open CA. Mobile devices will trust the public certificate.
- Leverage a Device Manager to push a Private PKI certificate
Can’t find what you’re looking for?
We’re happy to help. Contact our team.