diff --git a/docs/user-guide/authenticating-with-client-certificates.md b/docs/user-guide/authenticating-with-client-certificates.md
index b1a1d5d2bd..a9d6b64a4e 100644
--- a/docs/user-guide/authenticating-with-client-certificates.md
+++ b/docs/user-guide/authenticating-with-client-certificates.md
@@ -84,3 +84,18 @@ curl --cert /path/to/cert.pem --key /path/to/key.pem https://api-mediation-layer
 ```
 Your Zowe instance is configured to accept x.509 client certificates authentication.
 
+**Java sample application**
+
+**Note:** This code sample requires JDK 17 or newer.
+
+You can find a [Java sample application](https://github.com/zowe/api-layer/blob/v3.x.x/client-cert-auth-sample/src/main/java/org/zowe/apiml/Main.java) in the Zowe API Layer repository. This sample can help you get started with client certificate authentication. 
+
+Replace the following placeholder values in the sample application with your actual configuration:
+
+```text
+  API_URL - URL that points to your API ML instance
+  CLIENT_CERT_PATH - PKCS12 keystore that contains your client certificate
+  CLIENT_CERT_PASSWORD - keystore password 
+  CLIENT_CERT_ALIAS - client certificate alias 
+  PRIVATE_KEY_ALIAS - client certificate private key alias - usualy is the same value
+```
\ No newline at end of file