Jump to content
Welcome to our new Citrix community!
  • 0

Citrix DaaS Gateway - How to block Azure AD Guest Users from authentication?

Florian Rapp1709160092


Hi, we're using Citrix DaaS Gateway and Azure AD Authentication. Which is working "too" good at the moment.  ?


Our problem is, that we have external partners, which have guest accounts with ext. company UPM created in our AzureAD.

If they access our Gateway with their companys browser, they get SSO authenticated to Gateway.  But we do not want them to authenticate with guest account.

They must be presented a login mask and use another, internal "AzureAD member" account, which we provide them for Citrix!


Our first attempt was to modifiy the Citrix Cloud Enterprise App to only accept specific group members  & and excluded guest from the group. That worked regarding authentication denies  - but they now receive Error AADSTS50105 - with no option to switch user! Only workaround is to use in-private mode, but this is not intuitive to understand for thousands of users!!!


Any suggestions here?  I found a possible solution for self-managed applications, but not for Citrix Gateway so far....

Link to comment

0 answers to this question

Recommended Posts

There have been no answers to this question yet

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Create New...