Device posture to check if a specific certificate is installed on an AppGate user's machine


This is one example of the multiple ways to do device posture.

The method uses a device claim script: the AppGate client downloads a script in the background, executes it, and then sends the result back to either the AppGate Controller or the AppGate Gateway.

This example uses Windows and PowerShell to illustrate.

  1. Download the Check_Cert.ps1 file and open it with any editor.

  2. Change the value “BD9D0D1C70165449E36910F0F1316FB687990EAF” to reflect the certificate you want to check on the users’ machines.

  3. In the AppGate admin UI, navigate to Identity > Device Claim Scripts > Add New.

  4. Upload the aforementioned script by pressing Choose a file, and fill in the other information as you want.

  5. A Device Claim Script is linked to the IdP, so when a user authenticates to that IdP the client downloads the script and executes it. Navigate to Identity, pick your IdP, then go to Configure On-demand Device Claims > Add New and set:

    1. Command: Run Device Claim Script

    2. Device Claim Script: choose the script you named in step 4

    3. Argument: True

    4. Claim Name: Check_Cert

    5. Platform: All Windows devices

    Your configuration should look like the below.

Now if you go to Assignment Criteria in a Policy, you should see a claim called Check_Cert.

The same applies to Access Criteria in a Condition.

All you need to do is use it with either a Policy or a Condition.
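
For reference, a script of the kind edited in steps 1 and 2 could look like the following. This is an added example, not the original Check_Cert.ps1. It assumes the value from step 2 is a SHA-1 certificate thumbprint, that the certificate lives in the CurrentUser or LocalMachine personal store, and that the claim value is the string the script prints (True or False). It also goes one step beyond a plain presence check by rejecting certificates outside their validity period.

```powershell
# Added example, not the original Check_Cert.ps1.
# Arguments passed by the client are ignored; edit the value below instead.

# Thumbprint to look for (value quoted in step 2; replace with your own).
$Thumbprint = 'BD9D0D1C70165449E36910F0F1316FB687990EAF'

# Stores to search. Assumption: the page does not say which store is checked.
$StorePaths = @('Cert:\CurrentUser\My', 'Cert:\LocalMachine\My')

# Normalise the thumbprint: values copied from the certificate dialog often
# contain spaces or invisible characters, which would make the match fail.
$wanted = ($Thumbprint -replace '[^0-9A-Fa-f]', '').ToUpperInvariant()

# A SHA-1 thumbprint is exactly 40 hex characters; anything else is a
# configuration error and is reported as "not installed".
if ($wanted.Length -ne 40) {
    Write-Output 'False'
    exit 0
}

$now   = Get-Date
$found = $false

foreach ($path in $StorePaths) {
    # A store that cannot be read is skipped, not treated as a match.
    $cert = Get-ChildItem -Path $path -ErrorAction SilentlyContinue |
        Where-Object { $_.Thumbprint -eq $wanted } |
        Select-Object -First 1

    # Require the certificate to be present and inside its validity window.
    if ($cert -and $cert.NotBefore -le $now -and $cert.NotAfter -ge $now) {
        $found = $true
        break
    }
}

# Single line of output: "True" or "False" (assumed claim value format).
Write-Output ([string]$found)
```

A thumbprint match only shows that the certificate object is present in the store. If the posture decision should depend on the device holding the matching private key, add a check on `$cert.HasPrivateKey`.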