1. In the Palo Alto NGFW admin portal, go to Objects > Authentication, and then click Add.
  2. In the Name field, enter a name for the authentication profile.
  3. From the Authentication Method list, select web-form.

    This example configures authentication to a browser-based application using the authentication portal (web-form).

  4. From the Authentication Profile list, select the appropriate certificate profile.

    For more information, see Preparing for configuration.

  5. Optional: In the Message field, enter an instructional message for the user.

    A screen capture of the Authentication Enforcement window. This screen capture shows the name PingID Enforcement, Authentication Method web-form, Authentication Profile LDAP_and_MFA, and the Message field set with reminder text: This is a customizable authentication message shown to the user to allow customers to provide authentication instructions based on the authentication rule in effect.
  6. Click OK.
For more information, see Authentication Enforcement in the Palo Alto documentation.