Jump to content
Welcome to our new Citrix community!

Citrix Cloud Workspace using on-prem Netscaler and Custom URL


Mike_B

Recommended Posts

We currently have the Citrix Cloud Workspace service configured to point to a AAA service on our on-prem Netscalers.  This works fine when using our default 'cloud.com' URL, but when we configured a custom URL it throws an error:   Validation of Relaying Party information fails. Please contact your administrator

 

I assume this is because the AAA service is expecting the request to have come via our cloud.com URL, and because users are initially going to our custom URL, it is rejecting it.

 

Is it even possible to have the AAA service work with more than one URL redirecting to it?

Link to comment
Share on other sites

So you're using the "Citrix Gateway" authentication mechanism in Citrix Cloud, correct? 

 

As this is a OAuth Policy on your NetScaler, try to add more than one URL or copy the same oAuth IDP Profile with your custom URL and link both to your AAA, for example:

 

add authentication OAuthIDPProfile CitrixCloudGatewayIDP -clientID 123 -clientSecret 123 -redirectURL "https://accounts.cloud.com/core/login-cip","https://customurl.customer.com" -issuer "https://aaa.customer.com" -audience 123 -skewTime 10 -encryptToken ON -sendPassword ON

Let me know if this works

Regards

Julian

Link to comment
Share on other sites

  • 2 weeks later...

Oh wow, that looks perfect, thanks Julian!   May I ask where you found that?  It looks like a Citrix doc but I haven't managed to come across it.   It would be handy to supply a link to my Networks team and say 'do this please'.  Unfortunately (or not ?) I don't manage the Netscalers myself.

 

Edit to add - I found the source.  For anyone reading this with a similar issue, check here:

https://docs.citrix.com/en-us/adaptive-authentication/related-adaptive-authentication-configurations.html#custom-workspace-url-or-vanity-url

Edited by Michael Burnstead
Add link to further information
Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...