One of the challenges with using cloud services is getting the same experience you had in an on-premises deployment.
For the past 20+ years, many Citrix Virtual Apps and Desktop deployments utilized a Citrix Gateway to provide an ICA proxy through the firewall. For external users, Gateway also authenticated those users. Over the years, admins determined the authentication schema for their organization, most likely incorporating additional factors beyond passwords, like TOTP, certificates, RADIUS, nFactor, etc.
Fast forward to 2019 and we now need to figure out how to use Citrix Workspace without impacting our secure authentication profile.
Currently in tech preview, the identity portion of Citrix Workspace includes an option to utilize an on-premises Citrix Gateway as the Workspace’s IdP.
Workspace essentially redirects the authentication requests to the Gateway’s FQDN. When the Gateway authenticates the user, it replies to Workspace with the Active Directory account information, to be used to single sign-on users to additional Windows-based resources (virtual apps and desktops).
Integrating an on-prem Citrix Gateway into Citrix Workspace is fairly straight-forward and can be seen in the latest Tech Insight video:
Authentication Blog Series:
Daniel (Twitter @djfeller)