From 91b8c66e622920b2cd3ed99337c704fbd080181c Mon Sep 17 00:00:00 2001
From: Benjamin Triplett <b-triplett@users.noreply.github.com>
Date: Thu, 21 May 2026 11:50:09 -0700
Subject: [PATCH 1/2] Enhance InitClientCertificates method description

Clarified the description of InitClientCertificates method to specify its role in mutual TLS authentication and included additional information about device verification.
---
 docs/REFERENCES/brightscript/interfaces/ifhttpagent.md | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/docs/REFERENCES/brightscript/interfaces/ifhttpagent.md b/docs/REFERENCES/brightscript/interfaces/ifhttpagent.md
index e6fb94d0..4304c6ea 100644
--- a/docs/REFERENCES/brightscript/interfaces/ifhttpagent.md
+++ b/docs/REFERENCES/brightscript/interfaces/ifhttpagent.md
@@ -99,7 +99,7 @@ A flag indicating whether the HTTP header was successfully set.
 
 #### Description
 
-Initializes the object to be sent to the Roku client certificate.
+Initializes the Roku device's built-in client certificate for use in mutual TLS (mTLS) authentication. When called, the device will present its Roku-issued client certificate during the TLS handshake (if server requests it), allowing the server to verify that the request originates from a genuine Roku device running your specific channel. For backend service verification purposes it is recommended to use [GetDeviceAttestation(nonce as String) as String](https://developer.roku.com/dev/docs/ifchannelstore#getdeviceattestationnonce-as-string-as-string) 
 
 > The Roku Developer Dashboard includes a link for downloading the [RokuTV Certification Authority](https://developer.roku.com/certificate). This CA can be passed to an app through this function.
 
@@ -328,4 +328,4 @@ Removes all cookies from the cookie cache.
       video.SetCertificatesFile("pkg:/source/testCA.CRT")
       video.InitClientCertificates()
       ```
-6. Test the authentication with and without the code in step 5 above. If any of the three authentication methods above are ommitted you should get access denied. Note that you cannot successfully access the video until you've built a package, uploaded it to the app store, and are running that app via an app code. A sideloaded app does not properly negotiate client certs or send the enforced dev-id value for the x-roku-reserved-dev-id header.
\ No newline at end of file
+6. Test the authentication with and without the code in step 5 above. If any of the three authentication methods above are ommitted you should get access denied. Note that you cannot successfully access the video until you've built a package, uploaded it to the app store, and are running that app via an app code. A sideloaded app does not properly negotiate client certs or send the enforced dev-id value for the x-roku-reserved-dev-id header.

From 655fec4231a43260ac6bd9cee22e8ab2596657f9 Mon Sep 17 00:00:00 2001
From: jduval23 <48337343+jduval23@users.noreply.github.com>
Date: Thu, 21 May 2026 12:00:06 -0700
Subject: [PATCH 2/2] Clarify app context in InitClientCertificates description

Updated description to clarify the app context for client certificate usage.

Signed-off-by: jduval23 <48337343+jduval23@users.noreply.github.com>
---
 docs/REFERENCES/brightscript/interfaces/ifhttpagent.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/docs/REFERENCES/brightscript/interfaces/ifhttpagent.md b/docs/REFERENCES/brightscript/interfaces/ifhttpagent.md
index 4304c6ea..e575714b 100644
--- a/docs/REFERENCES/brightscript/interfaces/ifhttpagent.md
+++ b/docs/REFERENCES/brightscript/interfaces/ifhttpagent.md
@@ -99,7 +99,7 @@ A flag indicating whether the HTTP header was successfully set.
 
 #### Description
 
-Initializes the Roku device's built-in client certificate for use in mutual TLS (mTLS) authentication. When called, the device will present its Roku-issued client certificate during the TLS handshake (if server requests it), allowing the server to verify that the request originates from a genuine Roku device running your specific channel. For backend service verification purposes it is recommended to use [GetDeviceAttestation(nonce as String) as String](https://developer.roku.com/dev/docs/ifchannelstore#getdeviceattestationnonce-as-string-as-string) 
+Initializes the Roku device's built-in client certificate for use in mutual TLS (mTLS) authentication. When called, the device will present its Roku-issued client certificate during the TLS handshake (if server requests it), allowing the server to verify that the request originates from a genuine Roku device running your specific app. For backend service verification purposes it is recommended to use [GetDeviceAttestation(nonce as String) as String](https://developer.roku.com/dev/docs/ifchannelstore#getdeviceattestationnonce-as-string-as-string) 
 
 > The Roku Developer Dashboard includes a link for downloading the [RokuTV Certification Authority](https://developer.roku.com/certificate). This CA can be passed to an app through this function.