Jump to content

Citrix Native Workspace SAML Connection and Pop-Up


Recommended Posts

Posted (edited)

I have a SAML integrated Store in my StoreFront that works flawlessly with a web browser and nFactor/AAA. The flow is like this:

1. user access the URL

2. user is redirected to Okta

3. user provides authentication credentials and performs MFA

4. user is allowed in - no problem. FAS creates a logon cert for the user (user has a shadow account in the domain).

 

If a user tries to use native Workspace App/native Receiver login (no browser), the process mostly works. here is the flow:

1. user opens up Citrix Workspace App (latest LTSR version) and enters the URL.

2. user is redirected to Okta for SAML.

3. user provides authentication credentials and performs MFA.

4. The Workspace App presents the user with two Store options to pick from: MyStore and MyStoreSSO.

5. Since the MyStoreSSO is the correct store that is SSO enabled, the user clicks on it.

5. User gets a pop-up message requesting explicit login with user name and password (screenshot below)

 

My questions are:

A) In the native Workspace App, is there a way to disable this annoying pop-up? StoreFront should get the successful SAML assertion and should not be prompting for credentials

B) Without actually "hiding" the regular Store on the SF server, is there a way to allow the Workspace App to default to the SSO Store and not present the option to the user? I worry that some users may click on the wrong Store.

 

image.png.9905ceeb81dc9aa9d426716ecca3dc40.png

Edited by aosmantx
Link to comment

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...