NOTE: As of June 8th, 2021, Citrix has identified two vulnerabilities covered in CTX297155. For those steps, hit up these useful links: Similar to my earlier blog on Multi-Datacenter FAS architecture, this article is NOT a how-to guide on installing and configuring FAS or Azure MFA integration with Citrix ADC, although these are certainly prerequisites.
This was tested on Citrix ADC 12.1 b50.28 and 50.31. Mobile apps are not yet supported for SAML. This article was tested on Citrix Workspace App for Windows 1812, as well as Workspace App for Mac 18.
The TL;DR for this write-up is that you need a simple AAA advanced policies config for this to function. This article’s intent is to provide guidance on a simple SAML authentication setup that leverages Azure MFA for Workspace App authenticating at Citrix Gateway.