NetScaler as SAML SP with Azure AD as IdP


I am trying to add NetScaler as an SP to authenticate to one of the ADC gateway servers. I have multiple gateways configured with the AD user ID matching the SAML attribute provided by the Azure IdP, and that works fine. In a new implementation, instead of matching the user's login ID, I would like to match the user's email address configured in Azure with the mail ID configured for the account in the on-premises AD to authenticate the user. Is it possible to do so, and if yes, how can I do that? I did try to use user.mail as the Unique User Identifier on Azure and emailaddress in the user field while configuring the SAML server on NetScaler, but this is not working.


Any help would be highly appreciated.



Dilip Sharma


The unique user identifier is the "name id". It doesn't matter if you change the value of that attribute in the Azure application.

Therefore the user field in the NetScaler SAML server should remain "name id".

The user.mail value is already inside the SAML assertion as emailaddress, and you can add it under attributes1..16 as emailaddress.
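
To check what the IdP actually sends when troubleshooting the distinction described in the reply above, the following added example (not part of the original posts and not Citrix or Microsoft code) parses a constructed, unsigned SAML response and reports the NameID separately from the emailaddress attribute. The sample values, the function names and the short-name matching are assumptions of the example, and it performs no signature validation.

```python
import base64
import xml.etree.ElementTree as ET  # for untrusted input prefer the defusedxml package

NS = {"saml": "urn:oasis:names:tc:SAML:2.0:assertion"}

# Constructed sample (unsigned, invented values): the NameID carries a login-style
# identifier while the mail address travels as a separate attribute.
SAMPLE_RESPONSE = """<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
    xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">
  <saml:Assertion>
    <saml:Subject>
      <saml:NameID>jdoe@corp.example</saml:NameID>
    </saml:Subject>
    <saml:AttributeStatement>
      <saml:Attribute Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress">
        <saml:AttributeValue>john.doe@example.com</saml:AttributeValue>
      </saml:Attribute>
    </saml:AttributeStatement>
  </saml:Assertion>
</samlp:Response>"""

def summarize(saml_xml):
    """Return the NameID and all attributes (full Name -> values) of the first assertion."""
    root = ET.fromstring(saml_xml)
    assertion = root if root.tag == "{%s}Assertion" % NS["saml"] else root.find("saml:Assertion", NS)
    if assertion is None:
        raise ValueError("no unencrypted saml:Assertion found")
    name_id = assertion.findtext("saml:Subject/saml:NameID", default="", namespaces=NS).strip()
    attributes = {}
    for attr in assertion.iter("{%s}Attribute" % NS["saml"]):
        values = [(v.text or "").strip() for v in attr.findall("saml:AttributeValue", NS)]
        attributes.setdefault(attr.get("Name", ""), []).extend(values)
    return {"name_id": name_id, "attributes": attributes}

def summarize_post_binding(b64_value):
    """Decode the base64 SAMLResponse form field of an HTTP-POST binding, then summarize."""
    return summarize(base64.b64decode(b64_value).decode("utf-8"))

def attribute_by_short_name(summary, short_name):
    """Match on the full attribute Name or on its last path segment, e.g. 'emailaddress'."""
    for name, values in summary["attributes"].items():
        if name == short_name or name.rsplit("/", 1)[-1] == short_name:
            return values
    return []

if __name__ == "__main__":
    s = summarize(SAMPLE_RESPONSE)
    print("NameID:", s["name_id"], "| emailaddress:", attribute_by_short_name(s, "emailaddress"))
```

The SAMLResponse value captured from the browser's POST to the gateway can be passed to `summarize_post_binding` to see both fields side by side.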