Page created: 15 Jul 2020 |
Page updated: 8 Feb 2022
In the PingFederate
administrator console, create a new SP connection:
- For PingFederate 10.1 or later: go to Create Connection. . Click
- For PingFederate 10.0 or earlier: go to Create Connection. . Click
- If you see the Connection Template tab, select Do not use a template for this connection. Click Next.
- On the Connection Type tab, select only Browser SSO Profiles. Click Next.
- On the Connection Options tab, select only Browser SSO. Click Next.
- On the Import Metadata tab, select None. Click Next.
On the General Info tab, enter the basic connection
information. Click Next.
- In the Partner's Entity ID field, enter the Issuer Name that you chose in Creating an authentication server in Citrix.
- In the Connection Name field, enter the connection ID portion of the Redirect URL that you entered in Creating an authentication server in Citrix.
- In the Base URL field, enter the base URL for your Citrix Gateway server.
On the Browser SSO tab, configure browser SSO. Click
For a complete guide, see Configure IdP Browser SSO in the PingFederate documentation.
- On the IdP-Initiated SSO and SP-Initiated SSO. Click Next. tab, select
- On the Configuring an adapter instance. Click Next. tab, complete the steps in
- On the Binding list, select POST. tab, from the
- In the Endpoint URL field, enter /cgi/samlauth, and then click Add. Click Next.
- On the POST. Click Next. tab, select only
- On the Credentials tab, configure the connection credentials as shown in Configuring credentials in the PingFederate documentation. Click Next.
- On the Activation and Summary tab, above the Summary section, click the toggle to turn on the connection. Click Save.
Note the SSO Application Endpoint URL. Click
The SSO Application Endpoint URL should match the Redirect URL that you entered in Creating an authentication server in Citrix. If it doesn't, update the URL in Citrix ADC.
- To test the integration, make sure your test credentials exist in both the PingFederate data store and Citrix, then go to your Citrix ADC URL in a browser and sign on.