Citrix WorkSpace SAML


Multi Factor Authentication (MFA) is an extra layer of security used when logging into websites or apps. Individuals are authenticated through more than one required security and validation procedure that only you know or have access to.

Citrix WorkspaceTM offers the industry’s most complete and integrated digital workspace that’s streamlined for IT control and easily accessible for users. Acceptto integrates with Citrix WorkSpace via its SAML solution and provides single sign-on (SSO) MFA to ensure customers use the convenience of cloud SSO without its potential security risks.

  1. An Acceptto Appliance connected to your user Azure AD.
  2. The user population that is going to be authenticated via SAML must be enrolled in the It’sMeTM mobile Application.
  3. A user with administrative privileges for the Citrix Workspace.
  4. A user with administrative privileges for the Acceptto Appliance.
Connect your Azure AD to Acceptto Appliance

Please follow this guide.

Connect your Citrix Cloud to Azure AD

When connecting your Citrix Cloud account to your Azure AD, Citrix Cloud will need permission to access your user profile (or the profile of the signed-in user), as well as the basic profiles of the users in your Azure AD. Citrix requests this permission so it can assign your name and email address (as the administrator) and enable you to browse for other users and add them as administrators later.

IMPORTANT: You must be a Global Admin in Azure AD to complete this task.

  1. Sign in to Citrix Cloud at
  2. Click the menu button in the top-left corner of the page and select Identity and Access Management.
  3. Under My Company’s Identity Providers, click Connect for Azure ‘Active DirectoryTM’.
  4. When prompted, enter a short, URL-friendly identifier for your company and click Connect. The identifier you choose must be globally unique within Citrix Cloud.
  5. When prompted, sign in to the Azure account with which you want to connect. Azure shows you the permissions that Citrix Cloud needs to= access the account and acquire the information required for connection. These read-only permissions allow Citrix Cloud to gather basic information from your Microsoft™ Graph such as groups and user profiles. If you are an XME customer, you will have to grant ‘Microsoft Intune™’ related read-write permissions.
  6. Click Accept.
Configure Citrix WorkSpace to use Azure AD as its authentication source
  1. From the Citrix Cloud menu, Navigate to Workspace Configuration > Authentication tab and select Azure Active Directory radio button.
  2. citrix cloud dashboard workspace configuration
Test your setup
  1. Go to your Workspace URL. You will be redirected to Azure AD and will need to enter your credentials.
  2. microsoft login form
  3. Then, you will be redirected to Acceptto SAML page.
  4. acceptto saml sign in page
  5. After successful authentication, you’ll see the Acceptto MFA options and need to select your desired method and pass the verification stage on your It’sMe mobile app.
  6. acceptto authenticator
  7. Finally, you’ll enter your Citrix WorkSpace landing page.
  8. workspace app list

If you require assistance, please email us at


Want to learn more about our MFA solutions? Contact our Professional Services for a Demo today.


All product names, trademarks, and registered trademarks are the property of their respective owners.
All company, product, and service names used in this document are for identification purposes only. Use of these names, trademarks, and brands does not constitute endorsement by the Acceptto Corporation.
Citrix, Citrix Cloud, and Citrix Workspace are either registered trademarks or trademarks of Citrix and/or one or more of its subsidiaries in the United States and/or other countries.
Azure, Microsoft, and 'Active Directory' are either registered trademarks or trademarks of Microsoft and/or one or more of its subsidiaries in the United States and/or other countries.