Jump to content
Updated Privacy Statement
  • 0

Citrix Workspace App Azure AD SSO On-Prem Deployment



Hi all,

I need to sign in to Citrix Workspace App using Azure AD (Entra ID) credentials. This already works for the web interface (Netscaler is configured with SAML). I need SSO enabled, where clients login to their endpoint using Windows Hello.

This is a fully on-prem deployment.

The big question is, do I need DaaS to achieve this? In my opinion and research it seems yes, you need Citrix Cloud. So I would need Citrix Cloud licenses as well.

Is this correct?


Edited by Martijn
Link to comment

5 answers to this question

Recommended Posts

  • 0
4 minutes ago, Jeff Riechers said:

Are you hitting NetScaler Gateway?  Or are you hitting Storefrront directly.

I'm hitting Netscaler yes. It's a split brain DNS so I hit the internal IP of the Netscaler vserver when I'm in the office. I will hit the external IP from public.

Link to comment
  • 0
2 minutes ago, Jeff Riechers said:

If using NetScaler Gateway you can set that to use the same Azure AD connections and it may pass through if it is bringing the token from the initial login.  Also check the Enhanced Authentication in updated CVAD and Workspace App.  Features in Technical Preview | Citrix Workspace app for Windows

I've seen that document but it says that it requires a direct line of sight with Active Directory. Our laptops are everywhere in the field. Not always on the internal network and no always-on VPN.

I don't think it works through Netscaler but I will try.


Link to comment

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Create New...