Support for SAML.
We are implementing an idp. It would be nice to add GTA to it.
Forum Discussion
- I am waiting on clarification for customers portal also. As you state SSO for named techs is not a deal breaker it's kind of nice to have when even our techs adhere to our internal domain password policies. Also makes it easier to disable their logins to SSO services via AD.
Let me know if you hear anything or have completed some testing in your lab. - I was able to configure SAML authentication for users and administrators but not customers. This was accomplished using the Citrix WebSSO.
Please tell me that there is a way to do this for our users. - I think you mean Customers. There is no support at the moment for Customers and SAML 2.0. You can use their implementation of AD authentication via IIS; if it's applicable.
http://support.citrixonline.com/en_US/GoToAssistServiceDesk/help_files/G2ASD120006?title=Configure+S... - I am already doing that with a web based front end that takes a nice web form and does an SSO into the archaic NTLM auth that is required. I am in the process of moving as much stuff to our idp as possible. So I already have a desirable result, I would just like to use a more modern and flexible mechanism to get there.
- Is there anyway we can connect via email as I'm looking for detail on exactly what you have accomplished for Customers, as your interim solution until SAML is supported. Thanks.
- See it for yourself. We are a school so 95% of our customer base must have remote access to services. Beware, the login page is ugly. Web Developers we are not.
https://servicedesk.cvtc.edu
If you had AD credentials it would log you directly from that portal into the customer GTA portal.
Also any other published web application, SharePoint for instance, just needs to have a link to that same site and it will sign you in automatically from within that environment.
I use Microsoft TMG to do it. The product unfortunately is EOL and we are no longer publishing new applications through it.
GoToAssist is the only cloud based application we use which does not offer a federated approach. ERP, LMS, Web Productivity Suite, Curriculum Design, CMS, digitial signage are virtual desktop are already federated with SAML authentication to cloud providers. - See it for yourself. We are a school so 95% of our customer base must have remote access to services. Beware, the login page is ugly. Web Developers we are not.
https://servicedesk.cvtc.edu
If you had AD credentials it would log you directly from that portal into the customer GTA portal.
Also any other published web application, SharePoint for instance, just needs to have a link to that same site and it will sign you in automatically from within that environment.
I use Microsoft TMG to do it. The product unfortunately is EOL and we are no longer publishing new applications through it.
GoToAssist is the only cloud based application we use which does not offer a federated approach. ERP, LMS, Web Productivity Suite, Curriculum Design, CMS, digitial signage are virtual desktop are already federated with SAML authentication to cloud providers. - That's nice and good approach to solving the challenge. Unfortunately I'll have to wait until Citrix officially supports SAML for this service. What are you using as your IdP? External service or internal such as AD FS?
I agree Citrix needs to get on this. Almost every Service Desk SaaS application on the market already supports SAML. Even if they supported LDAPS it'd be a littler better than IIS. - We use Vmware Horizon Workspace for our idp. Yes LDAPS would be a great improvement.
- Hey guys,
Thanks for the feedback, I like the creative solutions you've come up with here. We are currently tracking SAML authentication as a feature request, so I've added a couple of +1's against it internally.
We do have a series of improvements coming out for the Customer Portal over the course of 2015, the plan is to push forward with these improvements, once we've done that we'll then re-assess SAML authentication.
Luke
