The authentication is based on mutual TLS and requires all users to request using an X.509 certificate. The service support TLS 1.3