diff --git a/SoftLayer/API.py b/SoftLayer/API.py
index 0a2788b63..00dbfe74f 100644
--- a/SoftLayer/API.py
+++ b/SoftLayer/API.py
@@ -211,9 +211,11 @@ def employee_client(username=None,
         access_token = settings.get('access_token')
 
     user_id = settings.get('userid')
-
     # Assume access_token is valid for now, user has logged in before at least.
-    if access_token and user_id:
+    if settings.get('auth_cert', False):
+        auth = slauth.X509Authentication(settings.get('auth_cert'), verify)
+        return EmployeeClient(auth=auth, transport=transport, config_file=config_file)
+    elif access_token and user_id:
         auth = slauth.EmployeeAuthentication(user_id, access_token)
         return EmployeeClient(auth=auth, transport=transport, config_file=config_file)
     else:
diff --git a/SoftLayer/config.py b/SoftLayer/config.py
index e695d6b9a..f67552639 100644
--- a/SoftLayer/config.py
+++ b/SoftLayer/config.py
@@ -61,7 +61,8 @@ def get_client_settings_config_file(**kwargs):  # pylint: disable=inconsistent-r
         'proxy': '',
         'userid': '',
         'access_token': '',
-        'verify': "True"
+        'verify': "True",
+        'auth_cert': ''
     })
     config.read(config_files)
 
@@ -74,7 +75,8 @@ def get_client_settings_config_file(**kwargs):  # pylint: disable=inconsistent-r
             'api_key': config.get('softlayer', 'api_key'),
             'userid': config.get('softlayer', 'userid'),
             'access_token': config.get('softlayer', 'access_token'),
-            'verify':   config.get('softlayer', 'verify')
+            'verify':   config.get('softlayer', 'verify'),
+            'auth_cert': config.get('softlayer', 'auth_cert')
         }
         if r_config["verify"].lower() == "true":
             r_config["verify"] = True