Smart Card Utility: More Information

You are here:

Configuring Smart Card Authentication

Configuring Smart Card Authentication

Configure macOS for smart card-only authentication

macOS Slot Requirements

Usage Slot PIN Required Required for macOS
PIV Authentication 9A Once Yes
Digital Signature 9C Always Recommended
Key Management (KMK) 9D Once Yes
Card Authentication 9E Never No
Retired Key Management 82-95 Once No
Retired Key Management 8A-8F Once No
PIV Secure Messaging 4 Always No

Man pages

man SmartCardServices

man sc_auth

man fdesetup


Working with Smart Cards: macOS and Security


Slack channel


Turn on debug logging
sudo defaults write /Library/Preferences/ Logging -bool yes
View log as events happen
log stream --predicate '(subsystem == "") && (category == "APDULog")'

Product security certifications, validations, and guidance

Homeland Security Presidential Directive 12

Policy for a Common Identification Standard for Federal Employees and Contractors