
NC 13 Supporting native OTP and Push OTP


Steve Rast


Hi

 

For months I have been dealing with Citrix Support because I can either register a native OTP like FreeOTP or use push OTP with the Citrix SSO app. I would like to have both options. I have the Premium license and my nFactor (based on Carl's tutorial) is working with native OTP or push OTP.

 

Support seems to be unable to provide a solution (it took them months to figure out that it is either native OTP or push OTP).

 

I read here:

 

https://www.julianjakob.com/citrix-adc-an-identity-provider-idp-solution-with-mfa-for-onprem-services-and-citrix-daas/#Push_OTP

 

that it seems to be possible to use native OTP and push OTP.

 

My questions:

 

- How can I create two manageotp pages for the users to register either a native OTP or push OTP?

- Is it possible in the normal authentication flow to check if the native OTP or push OTP is filled and show a different login schema (if even possible)?

 

Thanks

 

 


  • 1 month later...

Hi Steve,

 

Thanks for mentioning my blog post. I've done some setups with native OTP and push OTP in a row, as this is possible with nFactor.

 

Regarding your questions:

- You have to separate the different /manageotp pages with different internal FQDNs (this was my easiest way), as there are different LDAPS actions for registering native OTP or push OTP (example: token-selfservice.customer.com for native OTP and pushtoken-selfservice.customer.com for push OTP).

- To get different login schemas you have to use different AD attributes, one for native OTP and one for push OTP, so you are able to check the presence of both attributes and differentiate between the login pages (example: AAA.USER.ATTRIBUTE(5).CONTAINS("#@").NOT).

--> As there can be users who have BOTH, I always used the DualAuthPushOrOTP.xml as template so the default is push, and if the user has to enter their native OTP, you just have to click on the hook "Enter OTP manually". This works without any issues.

 

Hope my tips are helpful

Best Regards

Julian
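
The two tips above written out as NetScaler CLI, as an added illustration that is not part of either post and not the poster's own configuration. Every object name, the server address, the bind account, the second AD attribute and its index 6, the existing push service `push_svc`, and the `<...>` placeholders are assumptions.

```text
# Added sketch in NetScaler (Citrix ADC) CLI; not the poster's configuration.
# Assumptions: object names, 192.0.2.10, DC=customer,DC=com, svc_adc, push_svc (an
# existing pushService), AD attributes userParameters/extensionAttribute1, index 6,
# the <...> placeholders, and that the push attribute also carries the "#@" marker.

# Registration: one LDAP action per token type, each writing its own AD attribute.
add authentication ldapAction ldap_otp_native -serverIP 192.0.2.10 -serverPort 636 -secType SSL -ldapBase "DC=customer,DC=com" -ldapBindDn svc_adc@customer.com -ldapBindDnPassword <bind-password> -ldapLoginName sAMAccountName -authentication DISABLED -OTPSecret userParameters
add authentication ldapAction ldap_otp_push -serverIP 192.0.2.10 -serverPort 636 -secType SSL -ldapBase "DC=customer,DC=com" -ldapBindDn svc_adc@customer.com -ldapBindDnPassword <bind-password> -ldapLoginName sAMAccountName -authentication DISABLED -OTPSecret extensionAttribute1 -pushService push_svc

# /manageotp requests are told apart by the FQDN the user opened.
add authentication Policy pol_manage_native -rule "HTTP.REQ.COOKIE.VALUE(\"NSC_TASS\").EQ(\"manageotp\") && HTTP.REQ.HOSTNAME.EQ(\"token-selfservice.customer.com\")" -action ldap_otp_native
add authentication Policy pol_manage_push -rule "HTTP.REQ.COOKIE.VALUE(\"NSC_TASS\").EQ(\"manageotp\") && HTTP.REQ.HOSTNAME.EQ(\"pushtoken-selfservice.customer.com\")" -action ldap_otp_push

# Login: the LDAP factor that checks the password also fetches both attributes.
add authentication ldapAction ldap_login -serverIP 192.0.2.10 -serverPort 636 -secType SSL -ldapBase "DC=customer,DC=com" -ldapBindDn svc_adc@customer.com -ldapBindDnPassword <bind-password> -ldapLoginName sAMAccountName -Attribute5 userParameters -Attribute6 extensionAttribute1

# Decision policies (no authentication, they only pick the next factor).
add authentication Policy pol_native_only -rule "AAA.USER.ATTRIBUTE(5).CONTAINS(\"#@\") && AAA.USER.ATTRIBUTE(6).CONTAINS(\"#@\").NOT" -action NO_AUTHN
add authentication Policy pol_push_or_both -rule "AAA.USER.ATTRIBUTE(6).CONTAINS(\"#@\")" -action NO_AUTHN

# One login schema and one verify policy per branch.
add authentication loginSchema ls_native -authenticationSchema "LoginSchema/<native-otp-schema>.xml"
add authentication loginSchema ls_push -authenticationSchema "LoginSchema/<schema-based-on-DualAuthPushOrOTP>.xml"
add authentication Policy pol_verify_native -rule true -action ldap_otp_native
add authentication Policy pol_verify_push -rule true -action ldap_otp_push
add authentication policylabel pl_native -loginSchema ls_native
add authentication policylabel pl_push -loginSchema ls_push
bind authentication policylabel pl_native -policyName pol_verify_native -priority 100 -gotoPriorityExpression END
bind authentication policylabel pl_push -policyName pol_verify_push -priority 100 -gotoPriorityExpression END

# Decision factor, used as nextFactor of the LDAP login policy. A user with
# neither attribute set matches no policy here and is not let through.
add authentication policylabel pl_decide -loginSchema LSCHEMA_INT
bind authentication policylabel pl_decide -policyName pol_native_only -priority 100 -gotoPriorityExpression NEXT -nextFactor pl_native
bind authentication policylabel pl_decide -policyName pol_push_or_both -priority 110 -gotoPriorityExpression NEXT -nextFactor pl_push
```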
