Jump to content
Welcome to our new Citrix community!

SAML 2.0 flow with Netscaler as service Provider

Recommended Posts

Hello All,


We are planning to introduce PingID federation service to our environment, which will basically provide MFA (Customer ADFS + OTP password send to uses nominated device)


The Netscaler ADC will act as Service Provider (SP). When a user tries to access a protected application, the SP evaluates the client request. If the client is unauthenticated (does not have a valid NSC_TMAA or NSC_TMAS cookie), the SP redirects the request to the SAML Identity Provider (IdP).


We have multiple web services on same netscaler box, does above means if the client does have a valid NSC_TMAA or NSC_TMAS cookie he will be able to access all web resources on same netscaler protected by PingId without any authentication required. 


Sorry i am new to SAML :) 

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Create New...