In earlier releases of Avaya Experience Portal, the EPM user authentication was based only on password validation. From Release 7.2, certificate-based authentication is combined with password-based authentication resulting in a two-factor authentication. This two-factor authentication is an extra layer of security that requires not only a user name and password but validates the user certificate as well.

Certificate-based authentication is available to both the EPM web user login and EPM Web Service calls. However, the authentication between VPAppLogClient component and VPAppLog Web Services in Avaya Experience Portal continues to use basic authentication.