Hello, I think this is in the right place. Does anyone know if there is a way to bypass the end-user having to select the cert/token the first time they use SSO? We have scripted the install of the SLC-2.x as well as moving over a new saplogon.ini that enables SSO. However its not fully unattended as the first time they open it, they get a prompt to pick a cert. We have about 30 on the list, they have to scroll all the way down to click the kerbros token with their user name.