---
title: Creating an authentication server in Citrix
description: To allow PingFederate to handle authentication requests, add your PingFederate signing certificate and sign-on URL.
component: citrix-adc
page_id: citrix-adc::pf_citrix_adc_integration_creating_an_authentication_server_in_citrix
canonical_url: https://docs.pingidentity.com/integrations/citrix-adc/pf_citrix_adc_integration_creating_an_authentication_server_in_citrix.html
revdate: June 26, 2024
section_ids:
  steps: Steps
---

# Creating an authentication server in Citrix

To allow PingFederate to handle authentication requests, add your PingFederate signing certificate and sign-on URL.

## Steps

1. In Citrix ADC, complete the steps in [Enabling authentication, authorization, and auditing](https://docs.citrix.com/en-us/citrix-adc/13/aaa-tm/ns-aaa-setup-enabling-tsk.html) in the Citrix documentation.

2. Go to **Configuration > Authentication > Dashboard**. Click **Add**.

3. In the **Create Authentication Server** window, in the **Choose Server Type** list, select **SAML**.

4. In the **Name** field, enter a name to represent your PingFederate server, such as `PF_Auth_Server`.

5. Clear the **Import Metadata** checkbox.

6. In the **Redirect URL** field, enter the following PingFederate sign-on URL. Substitute your hostname and port, and choose a connection ID.

   `https://pf_host:pf_port/idp/startSSO.ping?PartnerSpId=connectionID`

   You will use the connection ID again in [Creating a single sign-on connection](creating_a_single_sign-on_connection/pf_citrix_adc_integration_creating_a_single_sign_on_connection.html).

7. In the **SAML Binding** and **Logout Binding** lists, select **POST**.

8. Add your PingFederate signing certificate.

   1. Under **IDP Certificate Name**, click **Add**.

   2. In the **Certificate-Key Pair Name** field, enter a name, such as `PF_Certificate`.

   3. In the **Certificate File Name** section, upload the certificate that you saved in [Exporting your PingFederate signing certificate](pf_citrix_adc_integration_exporting_your_pf_signing_certificate.html). Click **Install**.

9. In the **Issuer Name** field, enter a name to represent Citrix, such as `CitrixSAML`.

10. In the **Reject Unsigned Assertion** list, select **OFF**. Click **More**.

11. In the **Signature Algorithm** section, click **RSA-SHA256**.

12. In the **Digest Method** section, click **SHA256**. Click **Create**.