mickeyrhoades's avatar
mickeyrhoades
Copper Contributor
Oct 18, 2024
Status:
Closed

RD Client / Windows App Smart Card (CAC) Passthrough

Please enable smart card passthrough for the RD Client application.  Government employees and contractors (and military active & reserves) now extensively use Azure Virtual Desktop (AVD) to connect to sites requiring that a user be on the *.mil domain to connect.  On top of requiring connection from *.mil domain, these sites are PKI enabled and require smart card (CAC) utilization for the authentication (PIV) cert.  iPadOS has the CryptoKit integrated into the OS now, so there’s no reason for this functionality to not be available.  PKI certs work natively with any generic smart card reader connected to USB-C and Safari/Mail.  The certs even work through Edge browser on the iPad.  Apple has made the CryptoKit available to all third party developers to utilize this function in their apps.  Smart Card passthrough is the only way for users that are domain restricted to also use PKI on the iPad.  This pass through feature works perfectly for my on my personal Windows PC, but I don’t carry my desktop around to coffee shops when I telework 🙂

 

Adding this feature will make the AVD a more palatable option for many clients that need to use these cards.  Even my company utilizes AVD and I have a company smart card as well. - which is useless on my iPad.  This deficiency is clearly not at the feet of Apple, as they have done the legwork to make the CryptoKit API available to all who wish to use it.