diff --git a/src/clients/credentials/X509.tsx b/src/clients/credentials/X509.tsx
index 0340d49963..270852c04c 100644
--- a/src/clients/credentials/X509.tsx
+++ b/src/clients/credentials/X509.tsx
@@ -1,41 +1,74 @@
 import React from "react";
 import { useTranslation } from "react-i18next";
-import { useFormContext } from "react-hook-form";
-import { FormGroup, TextInput, ValidatedOptions } from "@patternfly/react-core";
+import { Controller, useFormContext } from "react-hook-form";
+import {
+  FormGroup,
+  Switch,
+  TextInput,
+  ValidatedOptions,
+} from "@patternfly/react-core";
 import { HelpItem } from "../../components/help-enabler/HelpItem";
 
 export const X509 = () => {
   const { t } = useTranslation("clients");
-  const { register, errors } = useFormContext();
+  const { register, control, errors } = useFormContext();
   return (
-    <FormGroup
-      label={t("subject")}
-      fieldId="kc-subject"
-      labelIcon={
-        <HelpItem
-          helpText="clients-help:subject"
-          fieldLabelId="clients:subject"
+    <>
+      <FormGroup
+        label={t("allowRegexComparison")}
+        labelIcon={
+          <HelpItem
+            helpText="clients-help:allowRegexComparison"
+            fieldLabelId="clients:allowRegexComparison"
+          />
+        }
+        fieldId="allowRegexComparison"
+        hasNoPaddingTop
+      >
+        <Controller
+          name="attributes.x509.allow.regex.pattern.comparison"
+          defaultValue="false"
+          control={control}
+          render={({ onChange, value }) => (
+            <Switch
+              id="allowRegexComparison"
+              label={t("common:on")}
+              labelOff={t("common:off")}
+              isChecked={value === "true"}
+              onChange={(value) => onChange(value.toString())}
+            />
+          )}
         />
-      }
-      helperTextInvalid={t("common:required")}
-      validated={
-        errors.attributes?.["x509.subjectdn"]
-          ? ValidatedOptions.error
-          : ValidatedOptions.default
-      }
-      isRequired
-    >
-      <TextInput
-        ref={register({ required: true })}
-        type="text"
-        id="kc-subject"
-        name="attributes.x509.subjectdn"
+      </FormGroup>
+      <FormGroup
+        label={t("subject")}
+        fieldId="kc-subject"
+        labelIcon={
+          <HelpItem
+            helpText="clients-help:subject"
+            fieldLabelId="clients:subject"
+          />
+        }
+        helperTextInvalid={t("common:required")}
         validated={
           errors.attributes?.["x509.subjectdn"]
             ? ValidatedOptions.error
             : ValidatedOptions.default
         }
-      />
-    </FormGroup>
+        isRequired
+      >
+        <TextInput
+          ref={register({ required: true })}
+          type="text"
+          id="kc-subject"
+          name="attributes.x509.subjectdn"
+          validated={
+            errors.attributes?.["x509.subjectdn"]
+              ? ValidatedOptions.error
+              : ValidatedOptions.default
+          }
+        />
+      </FormGroup>
+    </>
   );
 };
diff --git a/src/clients/help.ts b/src/clients/help.ts
index 46df4730c9..7348058242 100644
--- a/src/clients/help.ts
+++ b/src/clients/help.ts
@@ -92,6 +92,8 @@ export default {
       "The registration access token provides access for clients to the client registration service.",
     "signature-algorithm":
       "JWA algorithm, which the client needs to use when signing a JWT for authentication. If left blank, the client is allowed to use any algorithm.",
+    allowRegexComparison:
+      "If OFF, then the Subject DN from given client certificate must exactly match the given DN from the 'Subject DN' property as described in the RFC8705 specification. The Subject DN can be in the RFC2553 or RFC1779 format. If ON, then the Subject DN from given client certificate should match regex specified by 'Subject DN' property.",
     subject:
       'A regular expression for validating Subject DN in the Client Certificate. Use "(.*?)(?:$)" to match all kind of expressions.',
     evaluateExplain:
diff --git a/src/clients/messages.ts b/src/clients/messages.ts
index b0608e8796..e0071219ae 100644
--- a/src/clients/messages.ts
+++ b/src/clients/messages.ts
@@ -442,6 +442,7 @@ export default {
     accessTokenSuccess: "Access token regenerated",
     accessTokenError: "Could not regenerate access token due to: {{error}}",
     signatureAlgorithm: "Signature algorithm",
+    allowRegexComparison: "Allow regex pattern comparison",
     subject: "Subject DN",
     searchForClient: "Search for client",
     advanced: "Advanced",